I wonder if it's like the Aruba 2930s where it supports half of 3576 (COA) only. For device type are you using EX series? Or one of the others? You may have to change the device type and play with it a bit
On Fri, Mar 13, 2020, 10:40 AM Nicholas Pier <[email protected]> wrote: > I'm seeing conflicting information there. The switch lets me configure an > alternate CoA port. It's clearly an option in the CLI. > > However, the official documentation doesn't list the EX4200s as supporting > changes to authorization. They're an end of support device. So, it could > just be that the documentation doesn't cover legacy devices. > > https://www.juniper.net/documentation/en_US/junos/topics/topic-map/802-1x-authentication-switching-devices.html > > Also, I never see packetfence send a deauth message in a packet capture. > So, I don't know if this is a compatibility issue with hardware or server > side configuration issue. > > My hope was to find someone in this user group who's successfully using > them - which profile - which deauth method - etc... > > > *Nicholas P. Pier* > Network Architect > CCNP R&S, PCNSE, VCIX6-DCV, VCIX6-NV, RHCE, CEHv10 > > > On Fri, Mar 13, 2020 at 1:27 PM Zacharry Williams <[email protected]> > wrote: > >> Lol whoops! I was working on a couple firewalls and totally mixed up my >> rfcs! 3576 is the one I meant. >> >> On Fri, Mar 13, 2020, 8:49 AM Nicholas Pier <[email protected]> wrote: >> >>> **accidentally sent too soon*** >>> >>> >>> https://www.juniper.net/documentation/en_US/junos/topics/reference/standards/ospf.html >>> Click on "Platform and Release Support" for details. >>> >>> >>> *Nicholas P. Pier* >>> Network Architect >>> CCNP R&S, PCNSE, VCIX6-DCV, VCIX6-NV, RHCE, CEHv10 >>> >>> >>> On Fri, Mar 13, 2020 at 11:48 AM Nicholas Pier <[email protected]> >>> wrote: >>> >>>> Hi Zachary, >>>> >>>> How does OSPF help in the scenario? Is that the right RFC? >>>> >>>> To answer your question, the OSPF VPN feature is not supported until >>>> later hardware (according to the following link). >>>> >>>> *Nicholas P. Pier* >>>> Network Architect >>>> CCNP R&S, PCNSE, VCIX6-DCV, VCIX6-NV, RHCE, CEHv10 >>>> >>>> >>>> On Fri, Mar 13, 2020 at 11:21 AM Zacharry Williams <[email protected]> >>>> wrote: >>>> >>>>> Do those switches support rfc 4576? >>>>> >>>>> On Thu, Mar 12, 2020, 5:42 PM Nicholas Pier via PacketFence-users < >>>>> [email protected]> wrote: >>>>> >>>>>> Hello, >>>>>> >>>>>> The Juniper switches are properly placing nodes on vlans based on >>>>>> roles if there's an up/down port event. The problem is that, I can't seem >>>>>> to get de-authentication devices to change their VLAN without an up/down >>>>>> event. We have an important workflow where a user changes role after >>>>>> logging into a captive portal page. But, the role won't change unless >>>>>> they >>>>>> disconnect/connect or reboot. I also did a packet capture using tcpdump >>>>>> on >>>>>> the packetefence server and never see it send a CoA/Radius message to the >>>>>> switch to deauth the port when a role changes. >>>>>> >>>>>> Also, packetfence's feature to restart the port doesn't seem to be >>>>>> working. >>>>>> >>>>>> I have an existing Packetfence environment with Cisco switches and am >>>>>> trying to introduce some older Juniper switches (EX4200s with 15.1 >>>>>> firmware). Cisco devices transition VLANs without the need to restart the >>>>>> port manually. >>>>>> >>>>>> Can anyone offer some guidance? >>>>>> >>>>>> Packetfence version is 9.3. >>>>>> packetfence-9.3.0-20200113144930.108928498.0007.el7.x86_64 >>>>>> CentOS 7.7 - 3.10.0-1062.12.1.el7.x86_64 >>>>>> I'm using the Juniper::EX2200_v15 template. >>>>>> Switches affected are EX4200s with JUNOS 15.1R7.9 firmware >>>>>> >>>>>> I can provide switch configurations if need-be. >>>>>> >>>>>> *Nicholas P. Pier* >>>>>> Network Architect >>>>>> CCNP R&S, PCNSE, VCIX6-DCV, VCIX6-NV, RHCE, CEHv10 >>>>>> _______________________________________________ >>>>>> PacketFence-users mailing list >>>>>> [email protected] >>>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>>>>> >>>>>
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
