Hi All,
I'm trying to have the following test working, but I'm not able to understand what I'm doing wrongly.
Enviroment
- Switch HP 2510G-24 (192.168.150.152)
- Packetfence installed on Centos 7 (192.168.150.150)
- Laptop connected to port 2 of the Switch
Switch configuration:
---
ProCurve Switch 2510G-24# show running-config
Running configuration:
; J9279A Configuration Editor; Created on release #Y.11.52
hostname "ProCurve Switch 2510G-24"
ip default-gateway 192.168.150.254
sntp server 195.141.190.190
timesync sntp
sntp unicast
snmp-server community "public" Operator Unrestricted
snmp-server host 192.168.150.150 "public" Not-INFO
vlan 1
name "DEFAULT_VLAN"
untagged 1-9,12-24
ip address 192.168.150.152 255.255.255.0
no untagged 10-11
exit
vlan 600
name "Registration"
exit
vlan 601
name "Guest"
exit
aaa authentication port-access eap-radius
aaa accounting network start-stop radius
radius-server host 192.168.150.150 key XXX
port-security 2 learn-mode configured action send-alarm mac-address 000000000002
port-security 3 learn-mode configured action send-alarm mac-address 000000000003
no snmp-server enable traps link-change 1-24
aaa port-access gvrp-vlans
aaa port-access authenticator active
ip default-gateway 192.168.150.254
sntp server 195.141.190.190
timesync sntp
sntp unicast
snmp-server community "public" Operator Unrestricted
snmp-server host 192.168.150.150 "public" Not-INFO
vlan 1
name "DEFAULT_VLAN"
untagged 1-9,12-24
ip address 192.168.150.152 255.255.255.0
no untagged 10-11
exit
vlan 600
name "Registration"
exit
vlan 601
name "Guest"
exit
aaa authentication port-access eap-radius
aaa accounting network start-stop radius
radius-server host 192.168.150.150 key XXX
port-security 2 learn-mode configured action send-alarm mac-address 000000000002
port-security 3 learn-mode configured action send-alarm mac-address 000000000003
no snmp-server enable traps link-change 1-24
aaa port-access gvrp-vlans
aaa port-access authenticator active
---
On the Packetfence I've added the switch choosing "HP Procurve_2500" , deauth SNMP, Roles by VLAN ID configured the same radius password and SNMP v2 with public and private community.
When I connect the laptop (also after a clear-intrusion-flag on the switch) nothing happens. I've captured the snmp trap sent from the switch, but it seems that the bulk request sent from Packetfence is empty (attached .pcap).
My question is:
I should see the SNMP set command from packetfence to the Switch to put the interface where the laptop is connected in Registration VLAN, the the user should see the packetfence captive portal page, insert login and password and then another SNMP set command to put the interface in VLAN defined for that user. Is this right or not?
I've tried to read the documentation, but this is not explained so in detail and also on the mailinglist I didn't found thread with this explanation.
Note: If I connect the Switch to a Windows Server with Radius, it's working as expected with 802.1x auth, assigning the right VLAN to that port.
Thanks in advance.
MB
SNMP_Packetfence.pcap
Description: Binary data
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
