Hello Jon,
it's really simple, you just need to set -1 in the registration role.
Then if a unreg device try to connect then it will be rejected.
Regards
Fabrice
Le 19-08-09 à 11 h 37, Jon Barret via PacketFence-users a écrit :
Hello,
We are currently looking into using Packetfence but are running into
some issues. The way the network is setup we connect computers behind
an IP phone. If we were to use VLAN isolation then once the phone
would authenticate a computer would be able to join that Vlan is the
way I understand it. We noticed however that we could possibly control
access just by using roles. For example if an ip phone is in an accept
role and a computer is in a reject role. The phone will get access to
the network then after plugging the computer into the phone that has
network access, packet fence will deny access because of the role
associated with the mac address. We are wondering if there is a way
to configure roles so that whenever a new mac address or device is
recognized instead of auto-registering this device can we set the role
to REJECT by default. So then we could go into packet fence and add
the mac address to an accept role giving it access if we knew this was
a safe device. Please advise and I appreciate your help. Also if this
isn't the best way to receive support please let me know, i'm going
off of the packetfence's website advice.
Thanks!
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
[email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
