Hello André,
yes i did that a long time ago:
https://github.com/inverse-inc/packetfence/commit/9d47649dd8d133b233d313d2c80e94421c38caaa#diff-53248f7bb6c533be6a5b55ec361b3238
Also the note i took:
1 Enter global configuration mode and define the RADIUS server.
console#configure
console(config)#radius-server host auth 10.34.200.30
console(Config-auth-radius)#name PacketFence
console(Config-auth-radius)#usage 802.1x
console(Config-auth-radius)#key s3cr3t
console(Config-auth-radius)#exit
console(Config)#aaa server radius dynamic-author
console(config-radius-da)#client 10.34.200.30 server-key s3cr3t
console(config-radius-da)#auth-type all
console(config-radius-da)#exit
2 Enable authentication and globally enable 802.1x client authentication
via RADIUS:
console(config)#authentication enable
console(config)#aaa authentication dot1x default radius
console(config)#aaa authorization network default radius
console(config)#dot1x system-auth-control
(Optional)
console(Config)#dot1x dynamic-vlan enable
3 On the interface, enable MAC based authentication mode, enable MAB,
and set the order of authentication to 802.1X followed by MAC
authentication. Also enable periodic re-authentication.
console(config)#interface te1/0/4
console(config-if-Te1/0/4)#dot1x port-control mac-based
console(config-if-Te1/0/4)#dot1x mac-auth-bypass
console(config-if-Te1/0/4)#authentication order dot1x mab
console(config-if-Te1/0/4)#dot1x reauthentication
console(config-if-Te1/0/4)#exit
authentication order mab
authentication priority mab
Le 2018-01-03 à 09:18, André Scrivener a écrit :
> Hey,
>
> I configured interface 15 manually to use only vlan 2 (registry), and
> I was assigned registry address addressing (192.168.2.0/24
> <http://192.168.2.0/24>)
>
> Following config switch:
>
> interface Gi1/0/15
> switchport access vlan 2
> dot1x port-control force-authorized
> exit
>
>
> Following logs packetfence:
>
> Jan 3 12:14:41 packetfence pfqueue: pfqueue(24777) INFO:
> [mac:84:7b:eb:e3:84:42] oldip (172.16.0.10) and newip (192.168.2.10)
> are different for 84:7b:eb:e3:84:42 - closing ip4log entry
> (pf::api::update_ip4log)
>
>
>
> console#show mac address-table vlan 2
>
> Aging time is 300 Sec
>
> Vlan Mac Address Type Port
> -------- --------------------- ----------- ---------------------
> 2 0800.2735.FCC4 Dynamic Gi1/0/11/- Packetfence/
> 2 847B.EBE3.8442 Dynamic Gi1/0/15/- Test machine/
>
>
> You may notice that now the mac address of packetfence is in vlan 2.
>
> Have you already configured dell switch switches?
>
> Any idea??
>
>
> 2018-01-03 10:59 GMT-03:00 Fabrice Durand <fdur...@inverse.ca
> <mailto:fdur...@inverse.ca>>:
>
> Hum strange.
>
> What you can try is to define an interface in the vlan 2 (manually
> on an switch port) and plug your test machine in it. (you must
> receive an ip from PacketFence).
>
> If you receive an ip from the 172.16.0.0/24 <http://172.16.0.0/24>
> then it mean that you have a switch configuration issue. (any
> layer 3 interfaces defined in the vlan 2 ?).
>
> Also what i can see is that there is no mac in the vlan 2 and the
> vlan 3 for the interface 11.
>
> You should have something like that too:
>
> 2 08:00:27:35:fc:c4 Dynamic Gi1/0/11/- PacketFence Reg
> /
>
> 3 08:00:27:35:fc:c4 Dynamic Gi1/0/11/- PacketFence Isol/
>
> Regards
> Fabrice
>
>
> Le 2018-01-02 à 13:55, André Scrivener a écrit :
>> Opss, Fabrice!
>>
>> I forgot an information, the MAC addresses on the switch.
>>
>> By the logs, it is in VLAN 2, the correct vlan.
>>
>> Right now I do not understand, because it does not assign the
>> correct address
>>
>>
>> console#show mac address-table
>>
>> Aging time is 300 Sec
>>
>> Vlan Mac Address Type Port
>> -------- --------------------- ----------- ---------------------
>> 1 0800.2700.58E2 Dynamic Gi1/0/11 /- Windows
>> Server 2008/
>> 1 0800.2735.FCC4 Dynamic Gi1/0/11/- PacketFence/
>> 1 1418.77EA.F0A3 Management Vl1 / - Switch Dell/
>> 1 641C.XXXXXXXXX Dynamic Gi1/0/11 /- My
>> physical pc/
>> 2 847B.EBE3.8442 Dynamic Gi1/0/13 /- My test
>> machine/
>>
>> Total MAC Addresses in use: 5
>>
>> console#show mac address-table interface Gi1/0/13
>>
>> Aging time is 300 Sec
>>
>> Vlan Mac Address Type Port
>> -------- --------------------- ----------- ---------------------
>> 2 847B.EBE3.8442 Dynamic Gi1/0/13/- My test
>> machine/
>>
>>
>> console#
>>
>>
>> 2018-01-02 15:22 GMT-03:00 André Scrivener
>> <andr3.scrive...@gmail.com <mailto:andr3.scrive...@gmail.com>>:
>>
>> Hello Fabrice,
>>
>> I simplified the environment, I'm using only 1 interface!
>>
>>
>> enp0s3: Management - DHCP FROM WINDOWS SERVER
>> enp0s3 VLAN 2: Registration - DHCP ENABLE
>> enp0s3 VLAN 3: Isolation - DHCP ENABLE
>> enp0s3 VLAN 10: Normal - NO DHCP
>>
>> IP Address Switch Managed: 172.16.0.50
>> Interface 11: My physical machine, and virtual machine
>> (virtualbox) where is the PacketFence (interface mode bridge)
>> Interface 23: My client test Windows 8 (interface mode bridge)
>>
>>
>> Problem continue, in the logs it returns to vlan correct, but
>> does not assign to the computer, it stubborn in assigning the
>> network 172.16.0.0/24 <http://172.16.0.0/24> (Management
>> Network).
>>
>>
>> root@packetfence ~]# tailf /usr/local/pf/logs/packetfence.log
>> Jan 2 14:03:10 packetfence packetfence_httpd.aaa:
>> httpd.aaa(30935) INFO: [mac:84:7b:eb:e3:84:42] handling
>> radius autz request: from switch_ip => (172.16.0.50),
>> connection_type => WIRED_MAC_AUTH,switch_mac =>
>> (14:18:77:ea:f0:a2), mac => [84:7b:eb:e3:84:42], port => 13,
>> username => "847BEBE38442" (pf::radius::authorize)
>> Jan 2 14:03:10 packetfence packetfence_httpd.aaa:
>> httpd.aaa(30935) INFO: [mac:84:7b:eb:e3:84:42] Instantiate
>> profile default (pf::Connection::ProfileFactory::_from_profile)
>> Jan 2 14:03:10 packetfence packetfence_httpd.aaa:
>> httpd.aaa(30935) INFO: [mac:84:7b:eb:e3:84:42] is of status
>> unreg; belongs into registration VLAN
>> (pf::role::getRegistrationRole)
>> Jan 2 14:03:10 packetfence packetfence_httpd.aaa:
>> httpd.aaa(30935) INFO: [mac:84:7b:eb:e3:84:42] (172.16.0.50)
>> Added VLAN 2 to the returned RADIUS Access-Accept
>> (pf::Switch::returnRadiusAccessAccept)
>>
>>
>>
>> [root@packetfence ~]# tailf /usr/local/pf/logs/radius.log
>> Jan 2 14:03:10 packetfence auth[31813]: Need 1 more
>> connections to reach min connections (3)
>> Jan 2 14:03:10 packetfence auth[31813]: rlm_rest (rest):
>> Opening additional connection (15), 1 of 62 pending slots used
>> Jan 2 14:03:10 packetfence auth[31813]: Need 7 more
>> connections to reach 10 spares
>> Jan 2 14:03:10 packetfence auth[31813]: rlm_sql (sql):
>> Opening additional connection (18), 1 of 61 pending slots used
>> Jan 2 14:03:10 packetfence auth[31813]:
>> [mac:84:7b:eb:e3:84:42] Accepted user: and returned VLAN 2
>> Jan 2 14:03:10 packetfence auth[31813]: (32) Login OK:
>> [847BEBE38442] (from client 172.16.0.50 port 13 cli
>> 84:7b:eb:e3:84:42)
>>
>>
>>
>>
>> Follow network settings:
>>
>> [root@packetfence ~]# ifconfig
>> enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>> inet 172.16.0.2 netmask 255.255.255.0 broadcast
>> 172.16.0.255
>> inet6 fe80::a00:27ff:fe35:fcc4 prefixlen 64 scopeid
>> 0x20<link>
>> ether 08:00:27:35:fc:c4 txqueuelen 1000 (Ethernet)
>> RX packets 560936 bytes 711890423 (678.9 MiB)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 153523 bytes 23163746 (22.0 MiB)
>> TX errors 0 dropped 0 overruns 0 carrier 0
>> collisions 0
>>
>> enp0s3.2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>> inet 192.168.2.2 netmask 255.255.255.0 broadcast
>> 192.168.2.255
>> inet6 fe80::a00:27ff:fe35:fcc4 prefixlen 64 scopeid
>> 0x20<link>
>> ether 08:00:27:35:fc:c4 txqueuelen 1000 (Ethernet)
>> RX packets 0 bytes 0 (0.0 B)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 10 bytes 732 (732.0 B)
>> TX errors 0 dropped 0 overruns 0 carrier 0
>> collisions 0
>>
>> enp0s3.3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>> inet 192.168.3.2 netmask 255.255.255.0 broadcast
>> 192.168.3.255
>> inet6 fe80::a00:27ff:fe35:fcc4 prefixlen 64 scopeid
>> 0x20<link>
>> ether 08:00:27:35:fc:c4 txqueuelen 1000 (Ethernet)
>> RX packets 0 bytes 0 (0.0 B)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 10 bytes 732 (732.0 B)
>> TX errors 0 dropped 0 overruns 0 carrier 0
>> collisions 0
>>
>> enp0s3.10: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>> inet 192.168.1.1 netmask 255.255.255.0 broadcast
>> 192.168.1.255
>> inet6 fe80::a00:27ff:fe35:fcc4 prefixlen 64 scopeid
>> 0x20<link>
>> ether 08:00:27:35:fc:c4 txqueuelen 1000 (Ethernet)
>> RX packets 0 bytes 0 (0.0 B)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 10 bytes 732 (732.0 B)
>> TX errors 0 dropped 0 overruns 0 carrier 0
>> collisions 0
>>
>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
>> inet 127.0.0.1 netmask 255.0.0.0
>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
>> loop txqueuelen 1 (Loopback Local)
>> RX packets 1162494 bytes 167041449 (159.3 MiB)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 1162494 bytes 167041449 (159.3 MiB)
>> TX errors 0 dropped 0 overruns 0 carrier 0
>> collisions 0
>>
>> [root@packetfence ~]#
>>
>>
>>
>> [root@packetfence ~]# cat /usr/local/pf/conf/networks.co
>> <http://networks.co>nf
>> [192.168.3.0]
>> dns=192.168.3.2
>> dhcp_start=192.168.3.10
>> gateway=192.168.3.2
>> domain-name=vlan-isolation.scrivener.com.br
>> <http://vlan-isolation.scrivener.com.br>
>> nat_enabled=disabled
>> named=enabled
>> dhcp_max_lease_time=30
>> fake_mac_enabled=disabled
>> dhcpd=enabled
>> dhcp_end=192.168.3.246
>> type=vlan-isolation
>> netmask=255.255.255.0
>> dhcp_default_lease_time=30
>>
>> [192.168.2.0]
>> dns=192.168.2.2
>> dhcp_start=192.168.2.10
>> gateway=192.168.2.2
>> domain-name=vlan-registration.scrivener.com.br
>> <http://vlan-registration.scrivener.com.br>
>> nat_enabled=disabled
>> named=enabled
>> dhcp_max_lease_time=30
>> fake_mac_enabled=disabled
>> dhcpd=enabled
>> dhcp_end=192.168.2.246
>> type=vlan-registration
>> netmask=255.255.255.0
>> dhcp_default_lease_time=30
>> [root@packetfence ~]#
>>
>>
>>
>> [root@packetfence ~]# cat /usr/local/pf/conf/switches.co
>> <http://switches.co>nf
>> [172.16.0.50]
>> mode=production
>> defaultVlan=10
>> deauthMethod=RADIUS
>> description=SWITCH DELL - 172.16.0.50
>> type=Dell::N1500
>> radiusSecret=useStrongerSecret
>> SNMPVersion=2c
>>
>> #
>> # Copyright (C) 2005-2017 Inverse inc.
>> #
>> # See the enclosed file COPYING for license information (GPL).
>> # If you did not receive this file, see
>> # http://www.fsf.org/licensing/licenses/gpl.html
>> <http://www.fsf.org/licensing/licenses/gpl.html>
>> [192.168.0.1]
>> description=Test Switch
>> type=Cisco::Catalyst_2900XL
>> mode=production
>> uplink=23,24
>>
>> #SNMPVersion = 3
>> #SNMPEngineID = 0000000000000
>> #SNMPUserNameRead = readUser
>> #SNMPAuthProtocolRead = MD5
>> #SNMPAuthPasswordRead = authpwdread
>> #SNMPPrivProtocolRead = DES
>> #SNMPPrivPasswordRead = privpwdread
>> #SNMPUserNameWrite = writeUser
>> #SNMPAuthProtocolWrite = MD5
>> #SNMPAuthPasswordWrite = authpwdwrite
>> #SNMPPrivProtocolWrite = DES
>> #SNMPPrivPasswordWrite = privpwdwrite
>> #SNMPVersionTrap = 3
>> #SNMPUserNameTrap = readUser
>> #SNMPAuthProtocolTrap = MD5
>> #SNMPAuthPasswordTrap = authpwdread
>> #SNMPPrivProtocolTrap = DES
>> #SNMPPrivPasswordTrap = privpwdread
>> [192.168.1.0/24 <http://192.168.1.0/24>]
>> description=Test Range Switch
>> type=Cisco::Catalyst_2900XL
>> mode=production
>> uplink=23,24
>> [root@packetfence ~]#
>>
>>
>> Follow switch configuration:
>>
>> Following the configuration of the manual, the model of my
>> switch is DELL n1548.
>>
>> (https://packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html#_dell
>>
>> <https://packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html#_dell>)
>>
>>
>> console#show running-config
>>
>> !Current Configuration:
>> !System Description "Dell Networking N1548, 6.2.6.6, Linux 3.6.5"
>> !System Software Version 6.2.6.6
>> !
>> configure
>> vlan 2-5,10,100
>> exit
>> vlan 2
>> name "Registration"
>> exit
>> vlan 3
>> name "Isolation"
>> exit
>> vlan 4
>> name "Mac detection"
>> exit
>> vlan 5
>> name "Guest"
>> exit
>> vlan 100
>> name "VoIP"
>> exit
>> stack
>> member 1 3 ! N1548
>> exit
>> interface vlan 1
>> ip address 172.16.0.50 255.255.255.0
>> exit
>> authentication enable
>> dot1x system-auth-control
>> aaa authentication dot1x default radius
>> aaa authorization network default radius
>> dot1x dynamic-vlan enable
>> voice vlan
>> aaa server radius dynamic-author
>> client 172.16.0.2 server-key "useStrongerSecret"
>> exit
>> radius-server host auth 172.16.0.2
>> name "PacketFence"
>> usage 802.1x
>> key "useStrongerSecret"
>> exit
>> !
>> interface Gi1/0/11
>> switchport mode trunk
>> switchport trunk allowed vlan 1-5,100
>> dot1x port-control force-authorized
>> exit
>> !
>> interface Gi1/0/13
>> switchport voice detect auto
>> switchport mode general
>> switchport access vlan 10
>> dot1x port-control mac-based
>> dot1x reauthentication
>> dot1x mac-auth-bypass
>> authentication order mab
>> authentication priority mab
>> lldp transmit-tlv sys-desc sys-cap
>> lldp transmit-mgmt
>> lldp notification
>> lldp med confignotification
>> voice vlan 100
>> exit
>> snmp-server engineid local 800002a203141877eaf0a0
>> snmp-server community "private" rw
>> snmp-server community "public" ro
>> exit
>>
>> console#
>>
>>
>>
>>
>> I still do not understand where the error is. Any idea
>>
>>
>> 2017-12-29 11:15 GMT-03:00 Fabrice Durand via
>> PacketFence-users <packetfence-users@lists.sourceforge.net
>> <mailto:packetfence-users@lists.sourceforge.net>>:
>>
>> Hello André,
>>
>> First you need to check on the switch side if the mac
>> address of the device is in the vlan 300.
>>
>> Next a registration vlan is a vlan managed by
>> PacketFence, so you need to enable dhcp on the vlan 300
>> and 600.
>>
>> Another thing i can see is that the interface enp0s8.300
>> (vlan 300) use the network 172.17.0.0/24
>> <http://172.17.0.0/24> and it should be 172.16.0.0/24
>> <http://172.16.0.0/24> ?! (but enp0s8 use this network).
>>
>> So i my opinion, you probably mess up the vlan/interface
>> config.
>>
>> If enp0s8 interface is really on the vlan 300 then
>> enp0s8.300 is useless and you probably have to use the
>> vlan 301 as the registration network.
>>
>> Last things, be sure that enp0s8 is plugged on a trunk
>> port and be sure that you define all the vlans in your
>> switch configuration.
>>
>> Regards
>> Fabrice
>>
>>
>>
>>
>> Le 2017-12-29 à 08:50, André Scrivener via
>> PacketFence-users a écrit :
>>> I'm configuring pf as vlan enforcement, but I'm having a
>>> problem, where vlans with their respective IPs are not
>>> being assigned. In the logs it returns the correct
>>> vlans, but does not apply to the station.
>>>
>>> /
>>> /
>>> /Dec 29 11:36:54 packtfence packetfence_httpd.aaa:
>>> httpd.aaa(5185) INFO: [mac:64:1c:67:82:7d:f2] handling
>>> radius autz request: from switch_ip => (172.16.0.50),
>>> connection_type => WIRED_MAC_AUTH,switch_mac =>
>>> (14:18:77:ea:f0:a2), mac => [64:1c:67:82:7d:f2], port =>
>>> 41, username => "641C67827DF2" (pf::radius::authorize)/
>>> /Dec 29 11:36:54 packtfence packetfence_httpd.aaa:
>>> httpd.aaa(5185) INFO: [mac:64:1c:67:82:7d:f2]
>>> Instantiate profile default
>>> (pf::Connection::ProfileFactory::_from_profile)/
>>> /Dec 29 11:36:54 packtfence packetfence_httpd.aaa:
>>> httpd.aaa(5185) INFO: [mac:64:1c:67:82:7d:f2] is of
>>> status unreg; belongs into registration VLAN
>>> (pf::role::getRegistrationRole)/
>>> /Dec 29 11:36:54 packtfence packetfence_httpd.aaa:
>>> httpd.aaa(5185) INFO: [mac:64:1c:67:82:7d:f2]
>>> (172.16.0.50) Added VLAN 300 to the returned RADIUS
>>> Access-Accept (pf::Switch::returnRadiusAccessAccept)/
>>>
>>>
>>> /Dec 29 11:36:54 packtfence auth[7662]: Need 1 more
>>> connections to reach min connections (3)/
>>> /Dec 29 11:36:54 packtfence auth[7662]: rlm_rest (rest):
>>> Opening additional connection (23), 1 of 62 pending
>>> slots used/
>>> /Dec 29 11:36:54 packtfence auth[7662]: Need 1 more
>>> connections to reach min connections (3)/
>>> /Dec 29 11:36:54 packtfence auth[7662]: rlm_sql (sql):
>>> Opening additional connection (25), 1 of 62 pending
>>> slots used/
>>> /Dec 29 11:36:54 packtfence auth[7662]:
>>> [mac:64:1c:67:82:7d:f2] Accepted user: and returned
>>> VLAN 300/
>>> /Dec 29 11:36:54 packtfence auth[7662]: (44) Login OK:
>>> [641C67827DF2] (from client 172.16.0.50 port 41 cli
>>> 64:1c:67:82:7d:f2)/
>>>
>>>
>>> In the logs it returns to vlan correct, but does not
>>> assign to the computer, it stubborn in assigning the
>>> network 172.16.0.0/24 <http://172.16.0.0/24>.
>>>
>>> I did not configure DHCP in packetfence, when
>>> packetfence returns a vlan it is for it to get dhcp from
>>> my infrastructure. (So I imagine.)
>>>
>>> Follows some of my settings, it's okay to expose
>>> information since it's a lab.
>>>
>>>
>>> [root@packtfence ~]# ifconfig
>>> SCRIVENER-b: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>
>>> mtu 1500
>>> inet 169.254.0.2 netmask 255.255.255.252
>>> broadcast 169.254.0.3
>>> inet6 fe80::c8b5:5bff:febe:b1cc prefixlen 64
>>> scopeid 0x20<link>
>>> ether ca:b5:5b:be:b1:cc txqueuelen 1000 (Ethernet)
>>> RX packets 8 bytes 648 (648.0 B)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 8 bytes 648 (648.0 B)
>>> TX errors 0 dropped 0 overruns 0 carrier 0
>>> collisions 0
>>>
>>> enp0s3: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
>>> ether 08:00:27:a3:36:2a txqueuelen 1000 (Ethernet)
>>> RX packets 5668 bytes 8119227 (7.7 MiB)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 1260 bytes 80253 (78.3 KiB)
>>> TX errors 0 dropped 0 overruns 0 carrier 0
>>> collisions 0
>>>
>>> enp0s8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>> inet 172.16.0.2 netmask 255.255.255.0
>>> broadcast 172.16.0.255
>>> inet6 fe80::a00:27ff:fef4:37f8 prefixlen 64
>>> scopeid 0x20<link>
>>> ether 08:00:27:f4:37:f8 txqueuelen 1000 (Ethernet)
>>> RX packets 20960 bytes 4119093 (3.9 MiB)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 12227 bytes 21064744 (20.0 MiB)
>>> TX errors 0 dropped 0 overruns 0 carrier 0
>>> collisions 0
>>>
>>> enp0s8.300: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>
>>> mtu 1500
>>> inet 172.17.0.2 netmask 255.255.255.0
>>> broadcast 172.17.0.255
>>> inet6 fe80::a00:27ff:fef4:37f8 prefixlen 64
>>> scopeid 0x20<link>
>>> ether 08:00:27:f4:37:f8 txqueuelen 1000 (Ethernet)
>>> RX packets 10 bytes 628 (628.0 B)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 14 bytes 900 (900.0 B)
>>> TX errors 0 dropped 0 overruns 0 carrier 0
>>> collisions 0
>>>
>>> enp0s8.301: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>
>>> mtu 1500
>>> inet 172.19.0.2 netmask 255.255.255.0
>>> broadcast 172.19.0.255
>>> inet6 fe80::a00:27ff:fef4:37f8 prefixlen 64
>>> scopeid 0x20<link>
>>> ether 08:00:27:f4:37:f8 txqueuelen 1000 (Ethernet)
>>> RX packets 10 bytes 628 (628.0 B)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 14 bytes 900 (900.0 B)
>>> TX errors 0 dropped 0 overruns 0 carrier 0
>>> collisions 0
>>>
>>> enp0s8.600: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>
>>> mtu 1500
>>> inet 172.18.0.2 netmask 255.255.255.0
>>> broadcast 172.18.0.255
>>> inet6 fe80::a00:27ff:fef4:37f8 prefixlen 64
>>> scopeid 0x20<link>
>>> ether 08:00:27:f4:37:f8 txqueuelen 1000 (Ethernet)
>>> RX packets 10 bytes 628 (628.0 B)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 14 bytes 900 (900.0 B)
>>> TX errors 0 dropped 0 overruns 0 carrier 0
>>> collisions 0
>>>
>>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
>>> inet 127.0.0.1 netmask 255.0.0.0
>>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
>>> loop txqueuelen 1 (Loopback Local)
>>> RX packets 1567747 bytes 224694729 (214.2 MiB)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 1567747 bytes 224694729 (214.2 MiB)
>>> TX errors 0 dropped 0 overruns 0 carrier 0
>>> collisions 0
>>>
>>>
>>>
>>>
>>> [root@packtfence ~]# cat /usr/local/pf/conf/networks.co
>>> <http://networks.co>nf
>>> [172.17.0.0]
>>> dns=172.17.0.2
>>> dhcp_start=172.17.0.10
>>> gateway=172.17.0.2
>>> domain-name=vlan-registration.scrivener.com.br
>>> <http://vlan-registration.scrivener.com.br>
>>> nat_enabled=disabled
>>> named=enabled
>>> dhcp_max_lease_time=30
>>> fake_mac_enabled=disabled
>>> dhcpd=disabled
>>> dhcp_end=172.17.0.246
>>> type=vlan-registration
>>> netmask=255.255.255.0
>>> dhcp_default_lease_time=30
>>>
>>> [172.18.0.0]
>>> dns=172.18.0.2
>>> dhcp_start=172.18.0.10
>>> gateway=172.18.0.2
>>> domain-name=vlan-isolation.scrivener.com.br
>>> <http://vlan-isolation.scrivener.com.br>
>>> nat_enabled=disabled
>>> named=enabled
>>> dhcp_max_lease_time=30
>>> fake_mac_enabled=disabled
>>> dhcpd=disabled
>>> dhcp_end=172.18.0.246
>>> type=vlan-isolation
>>> netmask=255.255.255.0
>>> dhcp_default_lease_time=30
>>>
>>>
>>>
>>>
>>>
>>> [root@packtfence ~]# cat /usr/local/pf/conf/switches.co
>>> <http://switches.co>nf
>>> #
>>> # Copyright (C) 2005-2017 Inverse inc.
>>> #
>>> # See the enclosed file COPYING for license information
>>> (GPL).
>>> # If you did not receive this file, see
>>> # http://www.fsf.org/licensing/licenses/gpl.html
>>> <http://www.fsf.org/licensing/licenses/gpl.html>
>>> [default]
>>> type=Dell::N1500
>>> registrationVlan=300
>>> isolationVlan=600
>>> uplink=5
>>> cliUser=[secret]
>>> cliPwd=[secret]
>>> cliEnablePwd=[secret]
>>> #
>>> # SNMP section
>>> #
>>> # PacketFence -> Switch
>>> SNMPVersion=2c
>>> #
>>> # RADIUS NAS Client config
>>> #
>>> # RADIUS shared secret with switch
>>> radiusSecret=teste123
>>> CORPORATIVOVlan=301
>>> uplink_dynamic=0
>>>
>>> [172.16.0.50]
>>> mode=production
>>> description=172.16.0.50
>>> ExternalPortalEnforcement=Y
>>> deauthMethod=Telnet
>>> cliAccess=Y
>>> defaultVlan=301
>>>
>>>
>>>
>>> Any can help? Please! My Christmas present and New
>>> Year's Eve.
>>>
>>>
>>>
>>>
>>> Att,
>>> Andre Scrivener
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Check out the vibrant tech community on one of the world's most
>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>>
>>>
>>> _______________________________________________
>>> PacketFence-users mailing list
>>> PacketFence-users@lists.sourceforge.net
>>> <mailto:PacketFence-users@lists.sourceforge.net>
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>> <https://lists.sourceforge.net/lists/listinfo/packetfence-users>
>>
>> --
>> Fabrice Durand
>> fdur...@inverse.ca <mailto:fdur...@inverse.ca> ::
>> +1.514.447.4918 (x135) :: www.inverse.ca <http://www.inverse.ca>
>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and
>> PacketFence (http://packetfence.org)
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Check out the vibrant tech community on one of the
>> world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> _______________________________________________
>> PacketFence-users mailing list
>> PacketFence-users@lists.sourceforge.net
>> <mailto:PacketFence-users@lists.sourceforge.net>
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>> <https://lists.sourceforge.net/lists/listinfo/packetfence-users>
>>
>>
>>
>>
>> --
>> Att
>> *Andre*
>>
>>
>>
>>
>> --
>> Att
>> *Andre*
>
> --
> Fabrice Durand
> fdur...@inverse.ca <mailto:fdur...@inverse.ca> :: +1.514.447.4918 (x135)
> :: www.inverse.ca <http://www.inverse.ca>
> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
> (http://packetfence.org)
>
>
>
>
> --
> Att
> *Andre Scrivener*
--
Fabrice Durand
fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
