Fabrice,
I used the configuration sent, still gave an error.
I saw some new logs:
Jan 3 18:41:44 packetfence pfqueue: pfqueue(25669) WARN:
[mac:84:7b:eb:e3:84:42] Until CoA is implemented we will bounce the port on
VLAN re-assignment traps for MAC-Auth
(pf::Switch::handleReAssignVlanTrapForWiredMacAuth)
You know, do you explain what it would be?
Soon I will update the firmware of the switch, to see if it resolves.
Is it also not a bug in the packetfence version? Did you hear from anyone
else with this problem?
Greetings!
2018-01-03 17:24 GMT-03:00 Fabrice Durand <[email protected]>:
> Hello André,
>
> yes i did that a long time ago:
>
> https://github.com/inverse-inc/packetfence/commit/
> 9d47649dd8d133b233d313d2c80e94421c38caaa#diff-
> 53248f7bb6c533be6a5b55ec361b3238
>
> Also the note i took:
>
> 1 Enter global configuration mode and define the RADIUS server.
>
> console#configure
> console(config)#radius-server host auth 10.34.200.30
> console(Config-auth-radius)#name PacketFence
> console(Config-auth-radius)#usage 802.1x
> console(Config-auth-radius)#key s3cr3t
> console(Config-auth-radius)#exit
> console(Config)#aaa server radius dynamic-author
> console(config-radius-da)#client 10.34.200.30 server-key s3cr3t
> console(config-radius-da)#auth-type all
> console(config-radius-da)#exit
>
>
>
>
> 2 Enable authentication and globally enable 802.1x client authentication
> via RADIUS:
>
> console(config)#authentication enable
> console(config)#aaa authentication dot1x default radius
> console(config)#aaa authorization network default radius
> console(config)#dot1x system-auth-control
>
> (Optional)
> console(Config)#dot1x dynamic-vlan enable
>
> 3 On the interface, enable MAC based authentication mode, enable MAB, and
> set the order of authentication to 802.1X followed by MAC authentication.
> Also enable periodic re-authentication.
>
> console(config)#interface te1/0/4
> console(config-if-Te1/0/4)#dot1x port-control mac-based
> console(config-if-Te1/0/4)#dot1x mac-auth-bypass
> console(config-if-Te1/0/4)#authentication order dot1x mab
> console(config-if-Te1/0/4)#dot1x reauthentication
> console(config-if-Te1/0/4)#exit
>
> authentication order mab
> authentication priority mab
>
>
>
> Le 2018-01-03 à 09:18, André Scrivener a écrit :
>
> Hey,
>
> I configured interface 15 manually to use only vlan 2 (registry), and I
> was assigned registry address addressing (192.168.2.0/24)
>
> Following config switch:
>
> interface Gi1/0/15
> switchport access vlan 2
> dot1x port-control force-authorized
> exit
>
>
> Following logs packetfence:
>
> Jan 3 12:14:41 packetfence pfqueue: pfqueue(24777) INFO:
> [mac:84:7b:eb:e3:84:42] oldip (172.16.0.10) and newip (192.168.2.10) are
> different for 84:7b:eb:e3:84:42 - closing ip4log entry
> (pf::api::update_ip4log)
>
>
>
> console#show mac address-table vlan 2
>
> Aging time is 300 Sec
>
> Vlan Mac Address Type Port
> -------- --------------------- ----------- ---------------------
> 2 0800.2735.FCC4 Dynamic Gi1/0/11* - Packetfence*
> 2 847B.EBE3.8442 Dynamic Gi1/0/15* - Test machine*
>
>
> You may notice that now the mac address of packetfence is in vlan 2.
>
> Have you already configured dell switch switches?
>
> Any idea??
>
>
> 2018-01-03 10:59 GMT-03:00 Fabrice Durand <[email protected]>:
>
>> Hum strange.
>>
>> What you can try is to define an interface in the vlan 2 (manually on an
>> switch port) and plug your test machine in it. (you must receive an ip from
>> PacketFence).
>>
>> If you receive an ip from the 172.16.0.0/24 then it mean that you have a
>> switch configuration issue. (any layer 3 interfaces defined in the vlan 2
>> ?).
>>
>> Also what i can see is that there is no mac in the vlan 2 and the vlan 3
>> for the interface 11.
>>
>> You should have something like that too:
>>
>> 2 08:00:27:35:fc:c4 Dynamic Gi1/0/11
>> * - PacketFence Reg *
>> 3 08:00:27:35:fc:c4 Dynamic Gi1/0/11* - PacketFence Isol*
>>
>> Regards
>> Fabrice
>>
>>
>> Le 2018-01-02 à 13:55, André Scrivener a écrit :
>>
>> Opss, Fabrice!
>>
>> I forgot an information, the MAC addresses on the switch.
>>
>> By the logs, it is in VLAN 2, the correct vlan.
>>
>> Right now I do not understand, because it does not assign the correct
>> address
>>
>>
>> console#show mac address-table
>>
>> Aging time is 300 Sec
>>
>> Vlan Mac Address Type Port
>> -------- --------------------- ----------- ---------------------
>> 1 0800.2700.58E2 Dynamic Gi1/0/11 *- Windows Server
>> 2008*
>> 1 0800.2735.FCC4 Dynamic Gi1/0/11* - PacketFence*
>> 1 1418.77EA.F0A3 Management Vl1 * - Switch Dell*
>> 1 641C.XXXXXXXXX Dynamic Gi1/0/11 *- My physical pc*
>> 2 847B.EBE3.8442 Dynamic Gi1/0/13 *- My test machine*
>>
>> Total MAC Addresses in use: 5
>>
>> console#show mac address-table interface Gi1/0/13
>>
>> Aging time is 300 Sec
>>
>> Vlan Mac Address Type Port
>> -------- --------------------- ----------- ---------------------
>> 2 847B.EBE3.8442 Dynamic Gi1/0/13* - My test machine*
>>
>>
>> console#
>>
>>
>> 2018-01-02 15:22 GMT-03:00 André Scrivener <[email protected]>:
>>
>>> Hello Fabrice,
>>>
>>> I simplified the environment, I'm using only 1 interface!
>>>
>>>
>>> enp0s3: Management - DHCP FROM WINDOWS SERVER
>>> enp0s3 VLAN 2: Registration - DHCP ENABLE
>>> enp0s3 VLAN 3: Isolation - DHCP ENABLE
>>> enp0s3 VLAN 10: Normal - NO DHCP
>>>
>>> IP Address Switch Managed: 172.16.0.50
>>> Interface 11: My physical machine, and virtual machine (virtualbox)
>>> where is the PacketFence (interface mode bridge)
>>> Interface 23: My client test Windows 8 (interface mode bridge)
>>>
>>>
>>> Problem continue, in the logs it returns to vlan correct, but does not
>>> assign to the computer, it stubborn in assigning the network
>>> 172.16.0.0/24 (Management Network).
>>>
>>>
>>> root@packetfence ~]# tailf /usr/local/pf/logs/packetfence.log
>>> Jan 2 14:03:10 packetfence packetfence_httpd.aaa: httpd.aaa(30935)
>>> INFO: [mac:84:7b:eb:e3:84:42] handling radius autz request: from switch_ip
>>> => (172.16.0.50), connection_type => WIRED_MAC_AUTH,switch_mac =>
>>> (14:18:77:ea:f0:a2), mac => [84:7b:eb:e3:84:42], port => 13, username =>
>>> "847BEBE38442" (pf::radius::authorize)
>>> Jan 2 14:03:10 packetfence packetfence_httpd.aaa: httpd.aaa(30935)
>>> INFO: [mac:84:7b:eb:e3:84:42] Instantiate profile default
>>> (pf::Connection::ProfileFactory::_from_profile)
>>> Jan 2 14:03:10 packetfence packetfence_httpd.aaa: httpd.aaa(30935)
>>> INFO: [mac:84:7b:eb:e3:84:42] is of status unreg; belongs into registration
>>> VLAN (pf::role::getRegistrationRole)
>>> Jan 2 14:03:10 packetfence packetfence_httpd.aaa: httpd.aaa(30935)
>>> INFO: [mac:84:7b:eb:e3:84:42] (172.16.0.50) Added VLAN 2 to the returned
>>> RADIUS Access-Accept (pf::Switch::returnRadiusAccessAccept)
>>>
>>>
>>>
>>> [root@packetfence ~]# tailf /usr/local/pf/logs/radius.log
>>> Jan 2 14:03:10 packetfence auth[31813]: Need 1 more connections to
>>> reach min connections (3)
>>> Jan 2 14:03:10 packetfence auth[31813]: rlm_rest (rest): Opening
>>> additional connection (15), 1 of 62 pending slots used
>>> Jan 2 14:03:10 packetfence auth[31813]: Need 7 more connections to
>>> reach 10 spares
>>> Jan 2 14:03:10 packetfence auth[31813]: rlm_sql (sql): Opening
>>> additional connection (18), 1 of 61 pending slots used
>>> Jan 2 14:03:10 packetfence auth[31813]: [mac:84:7b:eb:e3:84:42]
>>> Accepted user: and returned VLAN 2
>>> Jan 2 14:03:10 packetfence auth[31813]: (32) Login OK: [847BEBE38442]
>>> (from client 172.16.0.50 port 13 cli 84:7b:eb:e3:84:42)
>>>
>>>
>>>
>>>
>>> Follow network settings:
>>>
>>> [root@packetfence ~]# ifconfig
>>> enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>> inet 172.16.0.2 netmask 255.255.255.0 broadcast 172.16.0.255
>>> inet6 fe80::a00:27ff:fe35:fcc4 prefixlen 64 scopeid 0x20<link>
>>> ether 08:00:27:35:fc:c4 txqueuelen 1000 (Ethernet)
>>> RX packets 560936 bytes 711890423 (678.9 MiB)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 153523 bytes 23163746 (22.0 MiB)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> enp0s3.2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>> inet 192.168.2.2 netmask 255.255.255.0 broadcast 192.168.2.255
>>> inet6 fe80::a00:27ff:fe35:fcc4 prefixlen 64 scopeid 0x20<link>
>>> ether 08:00:27:35:fc:c4 txqueuelen 1000 (Ethernet)
>>> RX packets 0 bytes 0 (0.0 B)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 10 bytes 732 (732.0 B)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> enp0s3.3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>> inet 192.168.3.2 netmask 255.255.255.0 broadcast 192.168.3.255
>>> inet6 fe80::a00:27ff:fe35:fcc4 prefixlen 64 scopeid 0x20<link>
>>> ether 08:00:27:35:fc:c4 txqueuelen 1000 (Ethernet)
>>> RX packets 0 bytes 0 (0.0 B)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 10 bytes 732 (732.0 B)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> enp0s3.10: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>> inet 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255
>>> inet6 fe80::a00:27ff:fe35:fcc4 prefixlen 64 scopeid 0x20<link>
>>> ether 08:00:27:35:fc:c4 txqueuelen 1000 (Ethernet)
>>> RX packets 0 bytes 0 (0.0 B)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 10 bytes 732 (732.0 B)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
>>> inet 127.0.0.1 netmask 255.0.0.0
>>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
>>> loop txqueuelen 1 (Loopback Local)
>>> RX packets 1162494 bytes 167041449 (159.3 MiB)
>>> RX errors 0 dropped 0 overruns 0 frame 0
>>> TX packets 1162494 bytes 167041449 (159.3 MiB)
>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>
>>> [root@packetfence ~]#
>>>
>>>
>>>
>>> [root@packetfence ~]# cat /usr/local/pf/conf/networks.conf
>>> [192.168.3.0]
>>> dns=192.168.3.2
>>> dhcp_start=192.168.3.10
>>> gateway=192.168.3.2
>>> domain-name=vlan-isolation.scrivener.com.br
>>> nat_enabled=disabled
>>> named=enabled
>>> dhcp_max_lease_time=30
>>> fake_mac_enabled=disabled
>>> dhcpd=enabled
>>> dhcp_end=192.168.3.246
>>> type=vlan-isolation
>>> netmask=255.255.255.0
>>> dhcp_default_lease_time=30
>>>
>>> [192.168.2.0]
>>> dns=192.168.2.2
>>> dhcp_start=192.168.2.10
>>> gateway=192.168.2.2
>>> domain-name=vlan-registration.scrivener.com.br
>>> nat_enabled=disabled
>>> named=enabled
>>> dhcp_max_lease_time=30
>>> fake_mac_enabled=disabled
>>> dhcpd=enabled
>>> dhcp_end=192.168.2.246
>>> type=vlan-registration
>>> netmask=255.255.255.0
>>> dhcp_default_lease_time=30
>>> [root@packetfence ~]#
>>>
>>>
>>>
>>> [root@packetfence ~]# cat /usr/local/pf/conf/switches.conf
>>> [172.16.0.50]
>>> mode=production
>>> defaultVlan=10
>>> deauthMethod=RADIUS
>>> description=SWITCH DELL - 172.16.0.50
>>> type=Dell::N1500
>>> radiusSecret=useStrongerSecret
>>> SNMPVersion=2c
>>>
>>> #
>>> # Copyright (C) 2005-2017 Inverse inc.
>>> #
>>> # See the enclosed file COPYING for license information (GPL).
>>> # If you did not receive this file, see
>>> # http://www.fsf.org/licensing/licenses/gpl.html
>>> [192.168.0.1]
>>> description=Test Switch
>>> type=Cisco::Catalyst_2900XL
>>> mode=production
>>> uplink=23,24
>>>
>>> #SNMPVersion = 3
>>> #SNMPEngineID = 0000000000000
>>> #SNMPUserNameRead = readUser
>>> #SNMPAuthProtocolRead = MD5
>>> #SNMPAuthPasswordRead = authpwdread
>>> #SNMPPrivProtocolRead = DES
>>> #SNMPPrivPasswordRead = privpwdread
>>> #SNMPUserNameWrite = writeUser
>>> #SNMPAuthProtocolWrite = MD5
>>> #SNMPAuthPasswordWrite = authpwdwrite
>>> #SNMPPrivProtocolWrite = DES
>>> #SNMPPrivPasswordWrite = privpwdwrite
>>> #SNMPVersionTrap = 3
>>> #SNMPUserNameTrap = readUser
>>> #SNMPAuthProtocolTrap = MD5
>>> #SNMPAuthPasswordTrap = authpwdread
>>> #SNMPPrivProtocolTrap = DES
>>> #SNMPPrivPasswordTrap = privpwdread
>>> [192.168.1.0/24]
>>> description=Test Range Switch
>>> type=Cisco::Catalyst_2900XL
>>> mode=production
>>> uplink=23,24
>>> [root@packetfence ~]#
>>>
>>>
>>> Follow switch configuration:
>>>
>>> Following the configuration of the manual, the model of my switch is
>>> DELL n1548. (https://packetfence.org/doc/PacketFence_Network_Devices_Con
>>> figuration_Guide.html#_dell)
>>>
>>>
>>> console#show running-config
>>>
>>> !Current Configuration:
>>> !System Description "Dell Networking N1548, 6.2.6.6, Linux 3.6.5"
>>> !System Software Version 6.2.6.6
>>> !
>>> configure
>>> vlan 2-5,10,100
>>> exit
>>> vlan 2
>>> name "Registration"
>>> exit
>>> vlan 3
>>> name "Isolation"
>>> exit
>>> vlan 4
>>> name "Mac detection"
>>> exit
>>> vlan 5
>>> name "Guest"
>>> exit
>>> vlan 100
>>> name "VoIP"
>>> exit
>>> stack
>>> member 1 3 ! N1548
>>> exit
>>> interface vlan 1
>>> ip address 172.16.0.50 255.255.255.0
>>> exit
>>> authentication enable
>>> dot1x system-auth-control
>>> aaa authentication dot1x default radius
>>> aaa authorization network default radius
>>> dot1x dynamic-vlan enable
>>> voice vlan
>>> aaa server radius dynamic-author
>>> client 172.16.0.2 server-key "useStrongerSecret"
>>> exit
>>> radius-server host auth 172.16.0.2
>>> name "PacketFence"
>>> usage 802.1x
>>> key "useStrongerSecret"
>>> exit
>>> !
>>> interface Gi1/0/11
>>> switchport mode trunk
>>> switchport trunk allowed vlan 1-5,100
>>> dot1x port-control force-authorized
>>> exit
>>> !
>>> interface Gi1/0/13
>>> switchport voice detect auto
>>> switchport mode general
>>> switchport access vlan 10
>>> dot1x port-control mac-based
>>> dot1x reauthentication
>>> dot1x mac-auth-bypass
>>> authentication order mab
>>> authentication priority mab
>>> lldp transmit-tlv sys-desc sys-cap
>>> lldp transmit-mgmt
>>> lldp notification
>>> lldp med confignotification
>>> voice vlan 100
>>> exit
>>> snmp-server engineid local 800002a203141877eaf0a0
>>> snmp-server community "private" rw
>>> snmp-server community "public" ro
>>> exit
>>>
>>> console#
>>>
>>>
>>>
>>>
>>> I still do not understand where the error is. Any idea
>>>
>>>
>>> 2017-12-29 11:15 GMT-03:00 Fabrice Durand via PacketFence-users <
>>> [email protected]>:
>>>
>>>> Hello André,
>>>>
>>>> First you need to check on the switch side if the mac address of the
>>>> device is in the vlan 300.
>>>>
>>>> Next a registration vlan is a vlan managed by PacketFence, so you need
>>>> to enable dhcp on the vlan 300 and 600.
>>>> Another thing i can see is that the interface enp0s8.300 (vlan 300) use
>>>> the network 172.17.0.0/24 and it should be 172.16.0.0/24 ?! (but
>>>> enp0s8 use this network).
>>>>
>>>> So i my opinion, you probably mess up the vlan/interface config.
>>>>
>>>> If enp0s8 interface is really on the vlan 300 then enp0s8.300 is
>>>> useless and you probably have to use the vlan 301 as the registration
>>>> network.
>>>>
>>>> Last things, be sure that enp0s8 is plugged on a trunk port and be sure
>>>> that you define all the vlans in your switch configuration.
>>>>
>>>> Regards
>>>> Fabrice
>>>>
>>>>
>>>>
>>>>
>>>> Le 2017-12-29 à 08:50, André Scrivener via PacketFence-users a écrit :
>>>>
>>>> I'm configuring pf as vlan enforcement, but I'm having a problem, where
>>>> vlans with their respective IPs are not being assigned. In the logs it
>>>> returns the correct vlans, but does not apply to the station.
>>>>
>>>>
>>>> *Dec 29 11:36:54 packtfence packetfence_httpd.aaa: httpd.aaa(5185)
>>>> INFO: [mac:64:1c:67:82:7d:f2] handling radius autz request: from switch_ip
>>>> => (172.16.0.50), connection_type => WIRED_MAC_AUTH,switch_mac =>
>>>> (14:18:77:ea:f0:a2), mac => [64:1c:67:82:7d:f2], port => 41, username =>
>>>> "641C67827DF2" (pf::radius::authorize)*
>>>> *Dec 29 11:36:54 packtfence packetfence_httpd.aaa: httpd.aaa(5185)
>>>> INFO: [mac:64:1c:67:82:7d:f2] Instantiate profile default
>>>> (pf::Connection::ProfileFactory::_from_profile)*
>>>> *Dec 29 11:36:54 packtfence packetfence_httpd.aaa: httpd.aaa(5185)
>>>> INFO: [mac:64:1c:67:82:7d:f2] is of status unreg; belongs into registration
>>>> VLAN (pf::role::getRegistrationRole)*
>>>> *Dec 29 11:36:54 packtfence packetfence_httpd.aaa: httpd.aaa(5185)
>>>> INFO: [mac:64:1c:67:82:7d:f2] (172.16.0.50) Added VLAN 300 to the returned
>>>> RADIUS Access-Accept (pf::Switch::returnRadiusAccessAccept)*
>>>>
>>>>
>>>> *Dec 29 11:36:54 packtfence auth[7662]: Need 1 more connections to
>>>> reach min connections (3)*
>>>> *Dec 29 11:36:54 packtfence auth[7662]: rlm_rest (rest): Opening
>>>> additional connection (23), 1 of 62 pending slots used*
>>>> *Dec 29 11:36:54 packtfence auth[7662]: Need 1 more connections to
>>>> reach min connections (3)*
>>>> *Dec 29 11:36:54 packtfence auth[7662]: rlm_sql (sql): Opening
>>>> additional connection (25), 1 of 62 pending slots used*
>>>> *Dec 29 11:36:54 packtfence auth[7662]: [mac:64:1c:67:82:7d:f2]
>>>> Accepted user: and returned VLAN 300*
>>>> *Dec 29 11:36:54 packtfence auth[7662]: (44) Login OK: [641C67827DF2]
>>>> (from client 172.16.0.50 port 41 cli 64:1c:67:82:7d:f2)*
>>>>
>>>>
>>>> In the logs it returns to vlan correct, but does not assign to the
>>>> computer, it stubborn in assigning the network 172.16.0.0/24.
>>>>
>>>> I did not configure DHCP in packetfence, when packetfence returns a
>>>> vlan it is for it to get dhcp from my infrastructure. (So I imagine.)
>>>>
>>>> Follows some of my settings, it's okay to expose information since it's
>>>> a lab.
>>>>
>>>>
>>>> [root@packtfence ~]# ifconfig
>>>> SCRIVENER-b: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>>> inet 169.254.0.2 netmask 255.255.255.252 broadcast 169.254.0.3
>>>> inet6 fe80::c8b5:5bff:febe:b1cc prefixlen 64 scopeid
>>>> 0x20<link>
>>>> ether ca:b5:5b:be:b1:cc txqueuelen 1000 (Ethernet)
>>>> RX packets 8 bytes 648 (648.0 B)
>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>> TX packets 8 bytes 648 (648.0 B)
>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>
>>>> enp0s3: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
>>>> ether 08:00:27:a3:36:2a txqueuelen 1000 (Ethernet)
>>>> RX packets 5668 bytes 8119227 (7.7 MiB)
>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>> TX packets 1260 bytes 80253 (78.3 KiB)
>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>
>>>> enp0s8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>>> inet 172.16.0.2 netmask 255.255.255.0 broadcast 172.16.0.255
>>>> inet6 fe80::a00:27ff:fef4:37f8 prefixlen 64 scopeid 0x20<link>
>>>> ether 08:00:27:f4:37:f8 txqueuelen 1000 (Ethernet)
>>>> RX packets 20960 bytes 4119093 (3.9 MiB)
>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>> TX packets 12227 bytes 21064744 (20.0 MiB)
>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>
>>>> enp0s8.300: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>>> inet 172.17.0.2 netmask 255.255.255.0 broadcast 172.17.0.255
>>>> inet6 fe80::a00:27ff:fef4:37f8 prefixlen 64 scopeid 0x20<link>
>>>> ether 08:00:27:f4:37:f8 txqueuelen 1000 (Ethernet)
>>>> RX packets 10 bytes 628 (628.0 B)
>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>> TX packets 14 bytes 900 (900.0 B)
>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>
>>>> enp0s8.301: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>>> inet 172.19.0.2 netmask 255.255.255.0 broadcast 172.19.0.255
>>>> inet6 fe80::a00:27ff:fef4:37f8 prefixlen 64 scopeid 0x20<link>
>>>> ether 08:00:27:f4:37:f8 txqueuelen 1000 (Ethernet)
>>>> RX packets 10 bytes 628 (628.0 B)
>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>> TX packets 14 bytes 900 (900.0 B)
>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>
>>>> enp0s8.600: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>>> inet 172.18.0.2 netmask 255.255.255.0 broadcast 172.18.0.255
>>>> inet6 fe80::a00:27ff:fef4:37f8 prefixlen 64 scopeid 0x20<link>
>>>> ether 08:00:27:f4:37:f8 txqueuelen 1000 (Ethernet)
>>>> RX packets 10 bytes 628 (628.0 B)
>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>> TX packets 14 bytes 900 (900.0 B)
>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>
>>>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
>>>> inet 127.0.0.1 netmask 255.0.0.0
>>>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
>>>> loop txqueuelen 1 (Loopback Local)
>>>> RX packets 1567747 bytes 224694729 (214.2 MiB)
>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>> TX packets 1567747 bytes 224694729 (214.2 MiB)
>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>
>>>>
>>>>
>>>>
>>>> [root@packtfence ~]# cat /usr/local/pf/conf/networks.conf
>>>> [172.17.0.0]
>>>> dns=172.17.0.2
>>>> dhcp_start=172.17.0.10
>>>> gateway=172.17.0.2
>>>> domain-name=vlan-registration.scrivener.com.br
>>>> nat_enabled=disabled
>>>> named=enabled
>>>> dhcp_max_lease_time=30
>>>> fake_mac_enabled=disabled
>>>> dhcpd=disabled
>>>> dhcp_end=172.17.0.246
>>>> type=vlan-registration
>>>> netmask=255.255.255.0
>>>> dhcp_default_lease_time=30
>>>>
>>>> [172.18.0.0]
>>>> dns=172.18.0.2
>>>> dhcp_start=172.18.0.10
>>>> gateway=172.18.0.2
>>>> domain-name=vlan-isolation.scrivener.com.br
>>>> nat_enabled=disabled
>>>> named=enabled
>>>> dhcp_max_lease_time=30
>>>> fake_mac_enabled=disabled
>>>> dhcpd=disabled
>>>> dhcp_end=172.18.0.246
>>>> type=vlan-isolation
>>>> netmask=255.255.255.0
>>>> dhcp_default_lease_time=30
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> [root@packtfence ~]# cat /usr/local/pf/conf/switches.conf
>>>> #
>>>> # Copyright (C) 2005-2017 Inverse inc.
>>>> #
>>>> # See the enclosed file COPYING for license information (GPL).
>>>> # If you did not receive this file, see
>>>> # http://www.fsf.org/licensing/licenses/gpl.html
>>>> [default]
>>>> type=Dell::N1500
>>>> registrationVlan=300
>>>> isolationVlan=600
>>>> uplink=5
>>>> cliUser=[secret]
>>>> cliPwd=[secret]
>>>> cliEnablePwd=[secret]
>>>> #
>>>> # SNMP section
>>>> #
>>>> # PacketFence -> Switch
>>>> SNMPVersion=2c
>>>> #
>>>> # RADIUS NAS Client config
>>>> #
>>>> # RADIUS shared secret with switch
>>>> radiusSecret=teste123
>>>> CORPORATIVOVlan=301
>>>> uplink_dynamic=0
>>>>
>>>> [172.16.0.50]
>>>> mode=production
>>>> description=172.16.0.50
>>>> ExternalPortalEnforcement=Y
>>>> deauthMethod=Telnet
>>>> cliAccess=Y
>>>> defaultVlan=301
>>>>
>>>>
>>>>
>>>> Any can help? Please! My Christmas present and New Year's Eve.
>>>>
>>>>
>>>>
>>>>
>>>> Att,
>>>> Andre Scrivener
>>>>
>>>>
>>>> ------------------------------------------------------------------------------
>>>> Check out the vibrant tech community on one of the world's most
>>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> PacketFence-users mailing
>>>> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>>
>>>>
>>>> --
>>>> Fabrice [email protected] :: +1.514.447.4918 (x135) ::
>>>> www.inverse.ca
>>>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
>>>> (http://packetfence.org)
>>>>
>>>>
>>>> ------------------------------------------------------------
>>>> ------------------
>>>> Check out the vibrant tech community on one of the world's most
>>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>>> _______________________________________________
>>>> PacketFence-users mailing list
>>>> [email protected]
>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>>
>>>>
>>>
>>>
>>> --
>>> Att
>>> *Andre*
>>>
>>
>>
>>
>> --
>> Att
>> *Andre*
>>
>>
>> --
>> Fabrice [email protected] :: +1.514.447.4918 (x135) ::
>> www.inverse.ca
>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
>> (http://packetfence.org)
>>
>>
>
>
> --
> Att
> *Andre Scrivener*
>
>
> --
> Fabrice [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca
> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
> (http://packetfence.org)
>
>
--
Att,
Andre Scrivener
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
