Hello Nazim,
global config:
aaa group server radius PacketFence
server 192.168.0.1 auth-port 1812 acct-port 1813
!
!
aaa authentication dot1x default group PacketFence
aaa authorization network default group PacketFence
aaa accounting dot1x default start-stop group PacketFence
!
!
aaa server radius dynamic-author
client 192.168.0.1 server-key mypassword
port 3799
!
ip access-list extended registration
deny ip any host 192.168.0.1
deny udp any any eq domain
deny tcp any any eq domain
deny udp any any eq bootpc
deny udp any any eq bootps
permit tcp any any eq www
permit tcp any any eq 443
!
!
radius-server dead-criteria time 10 tries 3
radius-server host 192.168.0.1 auth-port 1812 acct-port 1813 key mypassword
radius-server deadtime 2
radius-server vsa send authentication
Port config :
int gi1/0/4
authentication event server dead action authorize
authentication event server dead action authorize voice
authentication host-mode multi-domain
authentication order dot1x mab
authentication port-control auto
authentication periodic
authentication timer restart 10800
authentication timer reauthenticate server
authentication timer inactivity server
authentication violation replace mab
dot1x pae authenticator
dot1x timeout quiet-period 2
dot1x timeout tx-period 3
switchport access voice vlan 60
And your setup is enough.
Regards
Fabrice
Le 2017-01-21 à 03:21, Nazim selaiman a écrit :
> Hi, i just want learning to control the nac and i choose the
> packetfence to try it. It also relate with my project education. I
> already install the packet fence at my virtual machine and it done..
> But i got problem to setup configuration on switch.. I am not
> understand step at the pdf packetfence guideline..can you help in or
> show me the switch configuration???
>
> *for information i use switch cisco 2960
> *for my project i just use a switch and laptop as a server and another
> 2 laptop set it as client is it enough??
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
>
>
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
[email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
