Hello, You need to use the routed mode of packetfence (look the documentation) . You can use different vlan on each switch. Regards
Le mercredi 9 octobre 2019, Javier Pobeda via PacketFence-users < [email protected]> a écrit : > > Hi folks, > > I'm struggling to understand basic design stuff. > > I want to run my PF server to authenticate remote users (wired 802.1x) and > also provide AAA to access network gear assigning role privilege levels, > etc. > > Remote offices use different VLAN configuration so I have to be able to > allocate different VLAN IDs with Radius. > > What mode should I choose during the setup? just VLAN? or VLAN AND Radius. > > Does this allow for putting a user that fails auth into a "remediation" > LAN? > > *VLAN enforcement* > PacketFence is the server that assigns the VLAN (or roles) to the devices. > This is the prefered enforcement mechanism for manageable equipment. > *WebAuth enforcement* > PacketFence is the server that assigns the Role (or ACL) to the devices. > This mode is for web authentication. > *RADIUS enforcement* > PacketFence is the server that validates the RADIUS authentication and > returns the VLAN (or roles) to the devices. This mode does not have a > registration option, it is either accept or deny with the final VLAN. > > If I choose VLAN and RADIUS It requires to add new interfaces but they > MUST be on separate networks which I'm not sure why if what I want is to > have a remote radius server to do the job. I can't quite get the purpose. > > Anyone able to shed some light? > > Thanks > > >
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
