It's just to have a fake mac that will trigger a security trap.
Le 2017-10-25 à 12:47, Matt Mossholder a écrit :
> OK... but if it is normal, what is the value of setting the allowed
> mac to the ifIndex-mapped MAC in the first place?
>
> --Matt
>
> On Wed, Oct 25, 2017 at 12:33 PM, Fabrice Durand via PacketFence-users
> <packetfence-users@lists.sourceforge.net
> <mailto:packetfence-users@lists.sourceforge.net>> wrote:
>
> Hello Matt,
>
> this is normal, PacketFence allowed the mac of the device and if
> you plug another device in the switch port then a new security
> trap will be sent to PacketFence.
>
> Regards
>
> Fabrice
>
>
>
> Le 2017-10-25 à 10:33, Matt Mossholder via PacketFence-users a écrit :
>> Hi everyone,
>> What is the rationale behind the ifIndex mapping for MAC
>> addresses when using Cisco switches? It seems odd, because after
>> someone connects to the port, PF changes the port security
>> settings to allow the new MAC, and never seems to revert to the
>> ifIndex-mapped MAC. Is this only a "first time" setting? I guess
>> what I am looking for is a bit of a backgrounder on why this is
>> required, so that I can ensure we are setting things up correctly.
>>
>>
>> --Matt
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>
>>
>> _______________________________________________
>> PacketFence-users mailing list
>> PacketFence-users@lists.sourceforge.net
>> <mailto:PacketFence-users@lists.sourceforge.net>
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>> <https://lists.sourceforge.net/lists/listinfo/packetfence-users>
>
> --
> Fabrice Durand
> fdur...@inverse.ca <mailto:fdur...@inverse.ca> :: +1.514.447.4918
> <tel:%28514%29%20447-4918> (x135) :: www.inverse.ca <http://www.inverse.ca>
> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
> (http://packetfence.org)
>
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> <mailto:PacketFence-users@lists.sourceforge.net>
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
> <https://lists.sourceforge.net/lists/listinfo/packetfence-users>
>
>
--
Fabrice Durand
fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users