Hello Jose, I think you are correct.
Thanks, Ludovic Zammit Product Support Engineer Principal Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us: <https://community.akamai.com/> <http://blogs.akamai.com/> <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> <http://www.linkedin.com/company/akamai-technologies> <http://www.youtube.com/user/akamaitechnologies?feature=results_main> > On Apr 25, 2022, at 8:09 AM, José Ramos via PacketFence-users > <packetfence-users@lists.sourceforge.net> wrote: > > I tried with an other switch (Cisco SMB) and this worked so I think that this > is a switch problem. Maybe this is because it is a virtualized switch. > > > On Sun, Apr 24, 2022 at 7:15 PM José Ramos <joseramosdeoli...@gmail.com > <mailto:joseramosdeoli...@gmail.com>> wrote: > Here is the switch configuration (testing so almost empty :)) > aaa new-model > ! > ! > aaa group server radius packetfence > server 192.168.1.100 auth-port 1812 acct-port 1813 > ! > aaa authentication login default local > aaa authentication dot1x default group packetfence > aaa authorization network default group packetfence > ! > ! > ! > ! > aaa server radius dynamic-author > client 192.168.1.100 server-key xxxxx > port 3799 > ! > aaa session-id common > no ip icmp rate-limit unreachable > ! > ip cef > ! > ! > no ip domain-lookup > no ipv6 cef > ipv6 multicast rpf use-bgp > ! > ! > dot1x system-auth-control > ! > ! > ! > ! > ! > spanning-tree mode pvst > spanning-tree extend system-id > ! > ! > ! > ! > vlan internal allocation policy ascending > ! > ip tcp synwait-time 5 > ! > ! > ! > ! > ! > ! > ! > ! > ! > interface Ethernet0/0 > switchport trunk encapsulation dot1q > switchport mode trunk > duplex auto > ! > interface Ethernet0/1 > duplex auto > ! > interface Ethernet0/2 > switchport mode access > duplex auto > authentication order mab dot1x > authentication priority mab dot1x > authentication port-control auto > authentication periodic > authentication timer restart 10800 > authentication timer reauthenticate 10800 > mab > no snmp trap link-status > dot1x pae authenticator > dot1x timeout quiet-period 10 > dot1x timeout tx-period 10 > ! > interface Ethernet0/3 > duplex auto > ! > interface Ethernet1/0 > duplex auto > ! > interface Ethernet1/1 > duplex auto > ! > interface Ethernet1/2 > duplex auto > ! > interface Ethernet1/3 > duplex auto > ! > interface Ethernet2/0 > duplex auto > ! > interface Ethernet2/1 > duplex auto > ! > interface Ethernet2/2 > duplex auto > ! > interface Ethernet2/3 > duplex auto > ! > interface Ethernet3/0 > duplex auto > ! > interface Ethernet3/1 > duplex auto > ! > interface Ethernet3/2 > duplex auto > ! > interface Ethernet3/3 > duplex auto > ! > interface Vlan1 > ip address 192.168.10.10 255.255.255.0 > ! > interface Vlan20 > no ip address > ip helper-address 192.168.1.100 > shutdown > ! > ! > no ip http server > ! > ip route 0.0.0.0 0.0.0.0 192.168.10.254 > ! > ! > ! > snmp-server community public RO > snmp-server community private RW > ! > radius-server host 192.168.1.100 auth-port 1812 acct-port 1813 timeout 2 key > xxxxx > radius-server vsa send authentication > ! > ! > control-plane > ! > ! > line con 0 > exec-timeout 0 0 > privilege level 15 > logging synchronous > line aux 0 > exec-timeout 0 0 > privilege level 15 > logging synchronous > line vty 0 4 > ! > end > > > On Sun, Apr 24, 2022 at 2:11 PM rein--- via PacketFence-users > <packetfence-users@lists.sourceforge.net > <mailto:packetfence-users@lists.sourceforge.net>> wrote: > please paste your config on the switchport and the general settings on the > switch. > > you can also use the log (sh log) to see what happens when you plug in > something in the switch. > > April 21, 2022 8:30 AM, "José Ramos via PacketFence-users" > <packetfence-users@lists.sourceforge.net > <mailto:packetfence-users@lists.sourceforge.net?to=%22jos%c3%a9%20ramos%20via%20packetfence-users%22%20%3cpacketfence-us...@lists.sourceforge.net%3E>> > wrote: > Hello dear PacketFence users and developers ! > I have successfully configured PacketFence with 802.1x (PF directly connected > on the switch to manage). > But I can't figure out how to to MAC authentication. I have enabled MAB on my > Cisco switch and registered the MAC address in the node tab. But nothing > happens when I connect the device. I'm not put in the registration/isolation > vlan and have no access to corporate network (which is logical since I > enabled MAB). > Can someone help me pls ? > Thank you in advance ! > José Ramos. > > > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > <mailto:PacketFence-users@lists.sourceforge.net> > https://lists.sourceforge.net/lists/listinfo/packetfence-users > <https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!UUVvkAJmsomQuQ41jx4QJ0_RhEcsBBsl2dDjLetRudgtKLyPKKc9V6EuJr1FvhZaZeS_WpDv_RN-AtnI42je9EQ2v3OBVtSa8HAC7Q$> > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!UUVvkAJmsomQuQ41jx4QJ0_RhEcsBBsl2dDjLetRudgtKLyPKKc9V6EuJr1FvhZaZeS_WpDv_RN-AtnI42je9EQ2v3OBVtSa8HAC7Q$ > > <https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!UUVvkAJmsomQuQ41jx4QJ0_RhEcsBBsl2dDjLetRudgtKLyPKKc9V6EuJr1FvhZaZeS_WpDv_RN-AtnI42je9EQ2v3OBVtSa8HAC7Q$>
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
