Ref: thread@ https://sourceforge.net/p/packetfence/mailman/message/36501710/
Hi, Digging more in the PF users mail list found a solution. These are the commands required in the Cisco Switch: [Global] snmp-server community <public> RO snmp-server community <private> RW snmp-server enable traps snmp authentication linkdown linkup snmp-server enable traps port-security snmp-server enable traps port-security trap-rate 1 snmp-server enable traps MAC-Notification snmp-server host <PacketFence server IP address> version 2c public MAC-Notification snmp [Interface] snmp trap mac-notification added snmp trap mac-notification removed A small reminder that in Cisco CLI you can configure multiple intefaces at once (after "conf t") with: switch(config)# interface range gi1/0/2-1/0/24 switch(config-if-range)# <enter the command for all interfaces here> Brgds, Eran. From: Eran Benno via PacketFence-users [mailto:[email protected]] Sent: Monday, December 24, 2018 2:18 PM To: [email protected] Cc: Eran Benno <[email protected]> Subject: [PacketFence-users] Packetfence get MAC error help Hello Fabrice, I've been busting my head with the following error: Dec 24 10:46:37 PacketFence-ZEN pfqueue: pfqueue(20116) WARN: [mac:] couldn't get MAC at ifIndex 10105. This is a problem. (pf::Switch::_getMacAtIfIndex) Dec 24 10:46:39 PacketFence-ZEN pfqueue: pfqueue(20116) WARN: [mac:] couldn't get MAC at ifIndex 10105. This is a problem. (pf::Switch::_getMacAtIfIndex) Looking at some previous posts on this issue – no resolution provided that is any help for me. I use Cisco 2960G switch IOS 12.2.(44): [Global] snmp-server community <public> RO snmp-server community <private> RW snmp-server enable traps snmp authentication linkdown linkup snmp-server enable traps port-security snmp-server enable traps port-security trap-rate 1 snmp-server enable traps mac-notification change move threshold snmp-server host <PacketFence server IP address> version 2c public [Interface] interface GigabitEthernet0/5 switchport access vlan XXX switchport port-security violation restrict switchport port-security mac-address 0200.0001.0105 end When requesting the MAC address from the PF CLI: [root@PacketFence-ZEN bin]# ./pfcmd_vlan -switch 10.0.1.200 -ifIndex 10105 -getMAC 68:F7:28:6D:93:ED Why can't the PF get the MAC address when the port is in "MAC Isolation" mode/VLAN? Your help will be most appreciated, Eran Benno
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
