> I hate to repeat myself, but...
>
> Can you share your switches.conf?
>
> Also, please paste the output of these two commands (scrub the
> passwords):
>
> # perl /usr/local/pf/addons/dev-helpers/dump.pl switches # perl
> /usr/local/pf/addons/dev-helpers/dump.pl config
>
>
Certainly; no problem, thanks again!
[Daniel V Muller]
switches.conf:
#
# Copyright 2006-2008 Inverse inc.
#
# See the enclosed file COPYING for license information (GPL).
# If you did not receive this file, see
# http://www.fsf.org/licensing/licenses/gpl.html
[default]
description=Switches Default Values
vlans=1,22,23,24,25,110,111,112
normalVlan=1
registrationVlan=110
isolationVlan=111
macDetectionVlan=112
voiceVlan=5
inlineVlan=6
inlineTrigger=
normalRole=Default_VLAN
VoIPEnabled=N
mode=registration
macSearchesMaxNb=2
macSearchesSleepInterval=6
VlanMap=Y
RoleMap=N
#uplink=dynamic
#
# SNMP section
#
# PacketFence -> Switch
SNMPVersion=1
SNMPCommunityRead=top_secret
SNMPCommunityWrite=top_secret
SNMPVersionTrap=1
SNMPCommunityTrap=public
Default_VLANVlan=1
General UseVlan=22
type=HP::Procurve_2600
IsolationVlan=111
LabVlan=23
uplink=49, 50
Lab NonconformingVlan=24
NoncompliantVlan=24
voiceRole=voice
NoncompliantRole=Noncompliant
macDetectionRole=macDetection
registrationRole=Registration
Default_VLANRole=Default_VLAN
General UseRole=General Use
guestRole=guest
inlineRole=Inline
LabRole=Lab
isolationRole=Isolation
IsolationRole=Isolation
deauthMethod=SNMP
FMVlan=25
WirelessVlan=31
ClimsBypassVlan=60
ClimsBypassRole=ClimsBypass
uplink_dynamic=0
NBSVlan=61
RILVlan=62
AccessListMap=N
[10.56.111.218]
mode=production
Default_VLANVlan=122
description=01RD13DS1
SNMPVersionTrap=2c
General UseVlan=1
type=Cisco::Catalyst_3560
VoIPEnabled=Y
SNMPVersion=2c
uplink=dynamic
[root@nupf pf]#
[root@nupf pf]# perl /usr/local/pf/addons/dev-helpers/dump.pl switches
$VAR1 = {
'10.56.111.218' => {
'RoleMap' => 'N',
'wsPwd' => '',
'voiceRole' => 'voice',
'inlineTrigger' => [],
'normalRole' => 'Default_VLAN',
'mode' => 'production',
'SNMPCommunityRead' => 'top_secret',
'WirelessVlan' => '31',
'VlanMap' => 'Y',
'RILVlan' => '62',
'SNMPCommunityWrite' => 'top_secret',
'cliUser' => undef,
'NBSVlan' => '61',
'NoncompliantRole' => 'Noncompliant',
'roles' => {
'Isolation' => 'Isolation',
'isolation' => 'Isolation',
'inline' => 'Inline',
'Default_VLAN' => 'Default_VLAN',
'normal' => 'Default_VLAN',
'ClimsBypass' => 'ClimsBypass',
'registration' => 'Registration',
'voice' => 'voice',
'Noncompliant' => 'Noncompliant',
'macDetection' => 'macDetection',
'General Use' => 'General Use',
'Lab' => 'Lab',
'guest' => 'guest'
},
'access_lists' => {},
'Default_VLANVlan' => '122',
'deauthMethod' => 'SNMP',
'AccessListMap' => 'N',
'macDetectionRole' => 'macDetection',
'description' => '01RD13DS1',
'SNMPVersionTrap' => '2c',
'registrationRole' => 'Registration',
'General UseVlan' => '1',
'General UseRole' => 'General Use',
'Default_VLANRole' => 'Default_VLAN',
'type' => 'Cisco::Catalyst_3560',
'IsolationVlan' => '111',
'macDetectionVlan' => '112',
'cliPwd' => undef,
'ClimsBypassVlan' => '60',
'VoIPEnabled' => 1,
'LabVlan' => '23',
'isolationVlan' => '111',
'uplink_dynamic' => '0',
'SNMPVersion' => '2c',
'guestRole' => 'guest',
'cliEnablePwd' => undef,
'ClimsBypassRole' => 'ClimsBypass',
'inlineRole' => 'Inline',
'uplink' => [
'dynamic'
],
'SNMPCommunityTrap' => 'public',
'Lab NonconformingVlan' => '24',
'vlans' => {
'Isolation' => '111',
'Default_VLAN' => '122',
'FM' => '25',
'normal' => '1',
'Wireless' => '31',
'registration' => '110',
'NBS' => '61',
'Noncompliant' => '24',
'General Use' => '1',
'Lab' => '23',
'inline' => '6',
'RIL' => '62',
'isolation' => '111',
'ClimsBypass' => '60',
'Lab Nonconforming' => '24',
'voice' => '5',
'macDetection' => '112'
},
'macSearchesMaxNb' => '2',
'normalVlan' => '1',
'wsUser' => undef,
'FMVlan' => '25',
'registrationVlan' => '110',
'LabRole' => 'Lab',
'voiceVlan' => '5',
'isolationRole' => 'Isolation',
'macSearchesSleepInterval' => '6',
'NoncompliantVlan' => '24',
'inlineVlan' => '6',
'IsolationRole' => 'Isolation'
},
'127.0.0.1' => {
'RoleMap' => 'N',
'inlineTrigger' => [],
'voiceRole' => 'voice',
'wsPwd' => '',
'normalRole' => 'Default_VLAN',
'mode' => 'production',
'SNMPCommunityRead' => 'top_secret',
'WirelessVlan' => '31',
'VlanMap' => 'Y',
'SNMPCommunityWrite' => 'top_secret',
'RILVlan' => '62',
'cliUser' => undef,
'NBSVlan' => '61',
'NoncompliantRole' => 'Noncompliant',
'roles' => {
'Isolation' => 'Isolation',
'isolation' => 'Isolation',
'inline' => 'Inline',
'Default_VLAN' => 'Default_VLAN',
'normal' => 'Default_VLAN',
'ClimsBypass' => 'ClimsBypass',
'registration' => 'Registration',
'voice' => 'voice',
'Noncompliant' => 'Noncompliant',
'macDetection' => 'macDetection',
'General Use' => 'General Use',
'Lab' => 'Lab',
'guest' => 'guest'
},
'access_lists' => {},
'Default_VLANVlan' => '1',
'deauthMethod' => 'SNMP',
'macDetectionRole' => 'macDetection',
'AccessListMap' => 'N',
'description' => 'Switches Default Values',
'SNMPVersionTrap' => '1',
'General UseVlan' => '22',
'registrationRole' => 'Registration',
'Default_VLANRole' => 'Default_VLAN',
'General UseRole' => 'General Use',
'type' => 'PacketFence',
'IsolationVlan' => '111',
'macDetectionVlan' => '112',
'cliPwd' => undef,
'ClimsBypassVlan' => '60',
'VoIPEnabled' => 0,
'LabVlan' => '23',
'isolationVlan' => '111',
'uplink_dynamic' => '0',
'SNMPVersion' => '1',
'guestRole' => 'guest',
'inlineRole' => 'Inline',
'ClimsBypassRole' => 'ClimsBypass',
'cliEnablePwd' => undef,
'uplink' => [
'dynamic'
],
'SNMPCommunityTrap' => 'public',
'Lab NonconformingVlan' => '24',
'vlans' => {
'Isolation' => '111',
'Default_VLAN' => '1',
'FM' => '25',
'normal' => '1',
'Wireless' => '31',
'registration' => '110',
'NBS' => '61',
'Noncompliant' => '24',
'General Use' => '22',
'Lab' => '23',
'inline' => '6',
'RIL' => '62',
'isolation' => '111',
'ClimsBypass' => '60',
'Lab Nonconforming' => '24',
'voice' => '5',
'macDetection' => '112'
},
'macSearchesMaxNb' => '2',
'normalVlan' => '1',
'wsUser' => undef,
'registrationVlan' => '110',
'FMVlan' => '25',
'voiceVlan' => '5',
'LabRole' => 'Lab',
'NoncompliantVlan' => '24',
'macSearchesSleepInterval' => '6',
'isolationRole' => 'Isolation',
'inlineVlan' => '6',
'IsolationRole' => 'Isolation'
},
'default' => {
'RoleMap' => 'N',
'wsPwd' => '',
'voiceRole' => 'voice',
'inlineTrigger' =>
$VAR1->{'127.0.0.1'}{'inlineTrigger'},
'normalRole' => 'Default_VLAN',
'mode' => 'registration',
'SNMPCommunityRead' => 'top_secret',
'WirelessVlan' => '31',
'VlanMap' => 'Y',
'RILVlan' => '62',
'SNMPCommunityWrite' => 'top_secret',
'cliUser' => undef,
'NBSVlan' => '61',
'NoncompliantRole' => 'Noncompliant',
'roles' => $VAR1->{'127.0.0.1'}{'roles'},
'access_lists' => $VAR1->{'127.0.0.1'}{'access_lists'},
'Default_VLANVlan' => '1',
'deauthMethod' => 'SNMP',
'AccessListMap' => 'N',
'macDetectionRole' => 'macDetection',
'description' => 'Switches Default Values',
'SNMPVersionTrap' => '1',
'registrationRole' => 'Registration',
'General UseVlan' => '22',
'General UseRole' => 'General Use',
'Default_VLANRole' => 'Default_VLAN',
'type' => 'HP::Procurve_2600',
'IsolationVlan' => '111',
'macDetectionVlan' => '112',
'cliPwd' => undef,
'ClimsBypassVlan' => '60',
'VoIPEnabled' => 0,
'LabVlan' => '23',
'isolationVlan' => '111',
'uplink_dynamic' => '0',
'SNMPVersion' => '1',
'guestRole' => 'guest',
'cliEnablePwd' => undef,
'ClimsBypassRole' => 'ClimsBypass',
'inlineRole' => 'Inline',
'SNMPCommunityTrap' => 'public',
'uplink' => [
'49',
'50'
],
'Lab NonconformingVlan' => '24',
'macSearchesMaxNb' => '2',
'vlans' => $VAR1->{'127.0.0.1'}{'vlans'},
'normalVlan' => '1',
'wsUser' => undef,
'FMVlan' => '25',
'registrationVlan' => '110',
'LabRole' => 'Lab',
'voiceVlan' => '5',
'isolationRole' => 'Isolation',
'macSearchesSleepInterval' => '6',
'NoncompliantVlan' => '24',
'inlineVlan' => '6',
'IsolationRole' => 'Isolation'
}
};
[root@nupf pf]# perl /usr/local/pf/addons/dev-helpers/dump.pl config
$VAR1 = {
'webservices' => {
'proto' => 'http',
'pass' => '',
'user' => '',
'aaa_port' => '7070',
'port' => '9090',
'host' => '127.0.0.1'
},
'general' => {
'memcached' => '127.0.0.1:11211',
'domain' => 'wadsworth.org',
'timezone' => 'America/Montreal',
'dnsservers' => '199.184.30.54,199.184.28.129',
'hostname' => 'nupf',
'dhcpservers' =>
'199.184.30.27,10.50.156.21,10.49.66.7,10.57.48.14,199.184.28.130'
},
'network' => {
'dhcp_filter_by_message_types' => [
'DHCPOFFER',
'DHCPREQUEST',
'DHCPDECLINE',
'DHCPACK',
'DHCPRELEASE'
],
'rogueinterval' => '10',
'rogue_dhcp_detection' => 'enabled',
'interfaceSNAT' => '',
'dhcpdetector' => 'enabled',
'dhcpoption82logger' => 'disabled'
},
'omapi' => {
'key_base64' => '',
'ip2mac_lookup' => 'enabled',
'port' => '7911',
'key_name' => 'pf_omapi_key',
'host' => 'localhost',
'mac2ip_lookup' => 'enabled'
},
'proxies' => {
'tools/stinger.exe' =>
'http://download.nai.com/products/mcafee-avert/stng260.exe'
},
'advanced' => {
'hashing_cost' => '8',
'pfcmd_warning_color' => 'yellow',
'hash_passwords' => 'bcrypt',
'reevaluate_access_reasons' =>
'node_modify,manage_register,manage_deregister,manage_vclose,manage_vopen,violation_modify,violation_add,violation_delete,redir.cgi,pfcmd_vlan',
'pfcmd_success_color' => 'green',
'pfcmd_error_color' => 'red'
},
'registration' => {
'device_registration_role' => '',
'device_registration' => 'disabled',
'button_text' => 'Register'
},
'trapping' => {
'interception_proxy' => 'enabled',
'wireless_ips_threshold' => '90',
'wireless_ips' => 'disabled',
'detection_engine' => 'snort',
'detection' => 'disabled',
'interception_proxy_port' => '3128,8080',
'range' => '10.67.248.0/24,10.67.252.0/24',
'whitelist' => '',
'registration' => 'enabled',
'proxy_passthroughs' => [
'inside.wadsworth.org',
'admin.wadsworth.org',
'loki.wadsworth.org',
'info.wadsworth.org',
'crl.geotrust.com',
'ocsp.geotrust.com',
'crl.thawte.com',
'ocsp.thawte.com',
'crl.comodoca.com',
'ocsp.comodoca.com',
'crl.incommon.org',
'ocsp.incommon.org',
'crl.usertrust.com',
'ocsp.usertrust.com',
'mscrl.microsoft.com',
'crl.microsoft.com',
'ocsp.apple.com',
'ocsp.digicert.com',
'ocsp.entrust.com',
'srvintl-crl.verisign.com',
'ocsp.verisign.com',
'ctldl.windowsupdate.com',
'crl.globalsign.net',
'pki.google.com',
'www.microsoft.com',
'crl.godaddy.com',
'ocsp.godaddy.com',
'certificates.godaddy.com'
],
'passthroughs' => [],
'redirtimer' => '20',
'wait_for_redirect' => '1',
'passthrough' => 'enabled'
},
'guests_admin_registration' => {
'default_access_duration' =>
'3MF+0D',
'access_duration_choices' =>
'1DF+0D,1WF+0D,3MF+0D,1YF+1D,3YF'
},
'maintenance' => {
'httpd_portal_cleanup_interval' => '60',
'locationlog_cleanup_interval' => '60',
'iplog_cleanup_batch' => '100',
'violation_maintenance_batch' => '1000',
'traplog_cleanup_interval' => '60',
'violation_maintenance_timeout' => '10',
'violation_maintenance_interval' => '60',
'inline_accounting_maintenance_interval' => '60',
'acct_maintenance_interval' => '60',
'iplog_cleanup_interval' => '60',
'iplog_cleanup_timeout' => '10',
'nodes_maintenance_interval' => '60',
'provisioning_compliance_poll_interval' => '300',
'ldap_auth_cache_cleanup_interval' => '600',
'locationlog_cleanup_batch' => '100',
'node_cleanup_interval' => '60',
'locationlog_cleanup_timeout' => '10',
'httpd_admin_cleanup_interval' => '60'
},
'alerting' => {
'wins_server' => '192.168.0.100',
'fromaddr' => '',
'emailaddr' => '[email protected]',
'smtpserver' => 'smtp.wadsworth.org',
'admin_netbiosname' => 'EXAMPLE',
'log' => '/usr/local/pf/logs/violation.log',
'subjectprefix' => 'PKFN ALERT:'
},
'node_import' => {
'pid' => 'default',
'category' => 'default',
'voip' => 'no'
},
'captive_portal' => {
'loadbalancers_ip' => '',
'image_path' =>
'/common/network-access-detection.gif',
'network_detection' => 'enabled',
'secure_redirect' => 'disabled',
'status_only_on_production' => 'disabled',
'network_detection_ip' => '10.50.156.69'
},
'inline' => {
'layer3_accounting_sync_interval' => '41',
'ports_redirect' => '80/tcp,443/tcp',
'layer3_accounting_session_timeout' => '300',
'interfaceSNAT' => '',
'should_reauth_on_vlan_change' => 'disabled',
'accounting' => 'disabled'
},
'services' => {
'radiusd' => 'disabled',
'httpd_mod_qos_maximum_connections_per_device' => '5',
'suricata_binary' => '/usr/bin/suricata',
'radiusd_binary' => '/usr/sbin/radiusd',
'pfsetvlan' => 'enabled',
'memcached_binary' => '/usr/bin/memcached',
'dhcpd_binary' => '/usr/sbin/dhcpd',
'iptables_binary' => '/sbin/iptables',
'keepalived' => 'enabled',
'snmptrapd' => 'enabled',
'pfbandwidthd' => 'disabled',
'memcached_memory_usage' => '64',
'iptables' => 'disabled',
'haproxy' => 'enabled',
'memcached_max_item_size' => '1M',
'suricata' => 'disabled',
'keepalived_binary' => '/usr/sbin/keepalived',
'haproxy_binary' => '/usr/sbin/haproxy',
'snort_binary' => '/usr/sbin/snort',
'httpd_portal' => 'enabled',
'httpd_webservices' => 'enabled',
'httpd_binary' => '/usr/sbin/httpd',
'pfmon' => 'enabled',
'pfdhcplistener' => 'enabled',
'snmptrapd_binary' => '/usr/sbin/snmptrapd',
'pfdns' => 'enabled',
'httpd_admin' => 'enabled',
'httpd_mod_qos' => 'disabled',
'httpd_proxy' => 'enabled',
'arp_binary' => '/sbin/arp',
'snort' => 'disabled',
'memcached' => 'enabled',
'httpd_aaa' => 'enabled',
'dhcpd' => 'enabled'
},
'interface eth0.110' => {
'enforcement' => 'vlan',
'ip' => '10.67.248.3',
'type' => 'internal',
'mask' => '255.255.255.0'
},
'interface eth0.111' => {
'enforcement' => 'vlan',
'ip' => '10.67.252.3',
'type' => 'internal',
'mask' => '255.255.255.0'
},
'guests_self_registration' => {
'preregistration' => 'disabled',
'guest_pid' => 'email',
'sponsorship_cc' => ''
},
'vlan' => {
'trap_limit_action' => '',
'nbtrapparserthreads' => '3',
'trap_limit' => 'enabled',
'nbtraphandlerthreads' => '5',
'bounce_duration' => '4',
'trap_limit_threshold' => '100',
'closelocationlogonstop' => 'enabled'
},
'provisioning' => {
'autoconfig' => 'disabled',
'certificate' => '',
'category' => 'any',
'ssid' => 'SSID-Hidden'
},
'active_active' => {
'password' => '1234',
'virtual_router_id' => '50'
},
'database' => {
'pass' => 'Top_secret',
'db' => 'pf',
'user' => 'pkfn',
'port' => '3306',
'host' => 'localhost'
},
'ports' => {
'pf_status' => '9191',
'admin' => '1443',
'soap' => '9090',
'aaa' => '7070'
},
'monitoring' => {
'statsd_host' => 'localhost',
'statsd_port' => '8125'
},
'scan' => {
'pass' => 'Top_secret',
'openvas_configid' => '',
'openvas_port' => '9390',
'nessus_port' => '8834',
'openvas_reportformatid' =>
'f5c2a364-47d2-4700-b21d-0a7693daddab',
'duration' => 600,
'dot1x_type' => 'MS-CHAP-V2',
'host' => 'vnix.wadsworth.org',
'registration' => 'disabled',
'engine' => 'nessus',
'dot1x' => 'disabled',
'user' => 'pkfn',
'nessus_clientpolicy' => 'basic-policy'
},
'interface eth1' => {
'ip' => '10.50.156.69',
'type' => 'management',
'mask' => '255.255.254.0'
},
'expire' => {
'httpd_admin' => 'enabled',
'ldap_auth' => 'enabled',
'iplog' => 10368000,
'httpd_portal' => 'enabled',
'locationlog' => 5184000,
'traplog' => 5184000,
'node' => 10368000
},
'billing' => {
'mirapay_terminal_id_group' => '',
'authorizenet_posturl' =>
'https://test.authorize.net/gateway/transact.dll',
'gateway' => 'authorize_net',
'mirapay_url' =>
'https://ms1.eigendev.com/OFT/EigenOFT_d.php',
'authorizenet_login' => '',
'mirapay_currency' => 'USD',
'mirapay_hash_password' => '',
'mirapay_terminal_id' => '',
'authorizenet_trankey' => ''
},
'servicewatch' => {
'restart' => 'disabled',
'email' => 'enabled'
}
};
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
