Re: [PacketFence-users] option 82 not working

Mon, 18 Mar 2019 05:23:49 -0700 

Hello saskatooner,

you need to send the dhcp traffic to PacketFence.

https://github.com/inverse-inc/packetfence/blob/devel/docs/PacketFence_Installation_Guide.asciidoc#dhcp-remote-sensor

Regards

Fabrice


Le 19-03-17 à 01 h 58, saskatooner Canada via PacketFence-users a écrit :

Hi everyone

My configuration is:

  * 2960 Cisco sw

  * pfsense as firewall between vlans and also DHCP server

  * packetfence with mab and 802.1x authentication with Active Directory

  * packetfence having only one IP, in management vlan =20

  * users having vlans from 21-26 ( packetfence doesn't have an IP in
    these ranges)
As pf is not as DHCP server, it cannot bring users; IP address and Computer names after their authentication. I have tried enabling option 82 to fix this but with no luck. 

here is my sw option 82 configs:

    #show ip dhcp snooping
    Switch DHCP snooping is enabled
    DHCP snooping is configured on following VLANs:
    11
    DHCP snooping is operational on following VLANs:
    11
    DHCP snooping is configured on the following L3 Interfaces:

    Insertion of option 82 is enabled
       circuit-id default format: vlan-mod-port
       remote-id: 0021.5660.4480 (MAC)
    Option 82 on untrusted port is allowed
    Verification of hwaddr field is enabled
    Verification of giaddr field is enabled
    DHCP snooping trust/rate is configured on the following Interfaces:

    Interface                  Trusted    Allow option    Rate limit (pps)
    -----------------------    -------    ------------ ----------------
    GigabitEthernet0/1         yes        yes unlimited
      Custom circuit-ids:
    GigabitEthernet0/2         yes        yes unlimited
      Custom circuit-ids:
On pf. option 82 and dhdp detect are checked. But nothing is showing as IP for my nodes. 

Could anyone help?
How should I debug? Any related logs for example?



_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users


--
Fabrice Durand
[email protected] ::  +1.514.447.4918 (x135) ::  www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence 
(http://packetfence.org)


_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users






















					Reply via email to