Yep Fabrice, but I'm thinking....
My design assume that I've got a MGMT address in VLAN50. Vlan 50 arrive tagged to ZEN (VM got a Virtual Switch with VLAN ID 4095), so this is can be an issue, same is for OUT network... PF uses networks.conf only for routed network, correct? I need to discover where is all of configuration of your net -----Messaggio originale----- Da: Fabrice Durand via PacketFence-users [mailto:packetfence-users@lists.sourceforge.net] Inviato: lunedì 2 ottobre 2017 15.50 A: packetfence-users@lists.sourceforge.net Cc: Fabrice Durand <fdur...@inverse.ca> Oggetto: Re: [PacketFence-users] IP Revolution Hello Alessandro, what you probably have to do is to change the default route to use OUT and define in PacketFence configuration Interface SNAT to OUT. With that the OUT interface will be natted for the inline network and the default route will permit to pass through this interface. Regards Fabrice Le 2017-10-02 à 05:46, Alessandro Canella via PacketFence-users a écrit : > Hello All, > > I've built a PF ZEN environment for test purposes, based on 7.10 > > REG IF is 192.168.30.x/24, VLAN 30 > MGM IF is 153.47.30.0/25, VLAN 1 > > Now I need to go to production, but some ICT Security changes are happened. > > REG IF remain 192.168.30.x/24, VLAN 30 > MGM IF will be 10.206.1.128/25, VLAN 50 > OUT(OUTGOING TRAFFIC ) IF will flow via 192.168.0.0/24, VLAN 90 > > I've added virtual interfaces, on correct VLANs. To make it Simple I > think to change IP to old MGM (Eth0) interface assigning OUT IP > > So, first of all I need to gain access to MGMT portal in 10.206.1.128/25 IF, > I think shortest way is using some persistent route adding it in > /etc/sysconfig/network-scripts/route-eth0.50 maybe? > > After this I can change "old" master eth0 IP, and should be work? > > ---------------------------------------------------------------------- > -------- Check out the vibrant tech community on one of the world's > most engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
