I am currently setup PF with HP 2910. Follow the instructions for the 2610
on the manual of Packetfence.
I also read a LOT in the manuals of HP , and on others sites. I am at home
now I can not give you the link, but search for "802.1x on hp 2920" on
google and you will find what you want !
Anyway, it works so you can go ahead with these switches.
Good Luck ;)
2015-04-21 15:50 GMT+00:00 Tal Bar-Or <[email protected]>:
> Thanks ALL for the answer ,
> Sorry to bother again with this topic , but i need to understand the
> concept :-)
> I have on my LAN 3 users VLAN'S 17 18 19 , should i set in pfence Nic for
> each vlan?
> On the switch side how specific config set for Procuve 2910,20 toward
> Pfence 801.x and MAC Auth ?
>
> Thanks for the patience :-)
>
> On Mon, Apr 20, 2015 at 4:26 PM, Nicolas Gailly <[email protected]>
> wrote:
>
>> If I am not mistaken (no packetfence staff) you have to configure 801.x
>> and MAC Auth so no direct modifications of the port are needed. The port
>> will be in unauthorised state, until the radius server, (bundled with
>> packetfence) will tell the switch it s OK and the port will be put by
>> packetfence in the right vlan.
>>
>> Nicolas Gailly
>> On 20 Apr 2015 15:21, "Tal Bar-Or" <[email protected]> wrote:
>>
>>> Thanks Fabrice for the answer, :-)
>>>
>>> As for vlan config , how should i set the vlans , in case i want to
>>> leave ports in actual config "Untagged" and still have control of them ,
>>> and what else should i set with Packetfence and on the switch side
>>>
>>> Cheers
>>> Thanks
>>>
>>>
>>> On Mon, Apr 20, 2015 at 3:55 PM, Fabrice DURAND <[email protected]>
>>> wrote:
>>>
>>>> Hi Tal,
>>>>
>>>> Le 2015-04-19 14:29, Tal Bar-Or a écrit :
>>>> >
>>>> > Hello All,
>>>> >
>>>> > I am in the process of validating PacketFence and few other product
>>>> > like MS NPS,OpenNac
>>>> >
>>>> > Whats i am interested at most is three scenarios that can do isolation
>>>> > to designated VLAN but i am not yet ready to turn all our users
>>>> > switch port to dot1x authentication right away , since i have mass of
>>>> > equipment and each switch have some users on each 4 users Vlan we got
>>>> > as Unttaged , at the first step as follows below , mostly interested
>>>> > with virus detection and isolation for existing static ports
>>>> > configured as untagged.
>>>> >
>>>> > First scenario : We have Symantec endpoint protection AV and we would
>>>> > like to have isolation in case of
>>>> >
>>>> > * client infection
>>>> > * AV not installed
>>>> >
>>>> Let's configure packetfence with Symantec endoint :
>>>>
>>>> http://inverse.ca/downloads/PacketFence/doc/PacketFence_SEPM_Quick_Install_Guide-5.0.0.pdf
>>>>
>>>> > Second scenario: Our organization firewalls(Pfsesnce) have ids Snort
>>>> > based capable of sending syslog alert ,unified, SQL log alert, we
>>>> > would like to have ability to inform some how Packetfence server
>>>> > with violating IP and have it VLAN isolated , again first step most
>>>> > users still have static port Untagged .
>>>> >
>>>> We have a pfdetect remote that send the snort/suricata event to
>>>> packetfence.
>>>> >
>>>> > Third Scenario: unknown device attached to socket wall conf room or
>>>> > somewhere else, for those ports only we would like to use dot1x
>>>> > authentication will be isolated .
>>>> >
>>>> if the username and password is wrong then they will never be able to
>>>> connect.
>>>>
>>>> > Another point is that Most of network equipment are based on HP
>>>> > Procurve 2910al ,2920 ,1900
>>>> >
>>>> perfect
>>>> >
>>>> > My question to you PacketFence experts is possible with given above
>>>> > scenarios?
>>>> >
>>>> > Please advice
>>>> >
>>>> > Thanks
>>>> >
>>>> >
>>>> >
>>>> > --
>>>> > Tal Bar-or
>>>> >
>>>> >
>>>> >
>>>> ------------------------------------------------------------------------------
>>>> > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
>>>> > Develop your own process in accordance with the BPMN 2 standard
>>>> > Learn Process modeling best practices with Bonita BPM through live
>>>> exercises
>>>> > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual-
>>>> event?utm_
>>>> > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
>>>> >
>>>> >
>>>> > _______________________________________________
>>>> > PacketFence-users mailing list
>>>> > [email protected]
>>>> > https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>>
>>>> Regards
>>>> Fabrice
>>>>
>>>> --
>>>> Fabrice Durand
>>>> [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca
>>>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and
>>>> PacketFence (http://packetfence.org)
>>>>
>>>>
>>>>
>>>> ------------------------------------------------------------------------------
>>>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
>>>> Develop your own process in accordance with the BPMN 2 standard
>>>> Learn Process modeling best practices with Bonita BPM through live
>>>> exercises
>>>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual-
>>>> event?utm_
>>>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
>>>> _______________________________________________
>>>> PacketFence-users mailing list
>>>> [email protected]
>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>>
>>>>
>>>
>>>
>>> --
>>> Tal Bar-or
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
>>> Develop your own process in accordance with the BPMN 2 standard
>>> Learn Process modeling best practices with Bonita BPM through live
>>> exercises
>>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual-
>>> event?utm_
>>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
>>> _______________________________________________
>>> PacketFence-users mailing list
>>> [email protected]
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>>>
>>
>> ------------------------------------------------------------------------------
>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
>> Develop your own process in accordance with the BPMN 2 standard
>> Learn Process modeling best practices with Bonita BPM through live
>> exercises
>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual-
>> event?utm_
>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
>> _______________________________________________
>> PacketFence-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>>
>
>
> --
> Tal Bar-or
>
>
> ------------------------------------------------------------------------------
> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
> Develop your own process in accordance with the BPMN 2 standard
> Learn Process modeling best practices with Bonita BPM through live
> exercises
> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual-
> event?utm_
> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
