Hello Leonardo, Your issue is very specific and I would bet it’s configuration related.
I can tell you that it won’t be possible to do all the troubleshooting steps here, it’s not a simple task. However I can give you pointers to look at. 1- Eth0 need to be set as a Stat interface in the inline configuration under Configuration > Network Configuration > Networks > inline > Snat 2- If I understand correctly, eth1 is a trunk interface where you have added VLAN 11 on it. Can you ping from that interface another VLAN 11 interface in the network ? If yes, do some capture to make sure the VLAN 11 reach eth1.11 interface. Use the commands: ping -I eth1.11 1.2.3.4 ipset -S | less <— Check the ipset session, make sure where your Mac address is at ip route get 1.2.3.4 tcpdump -I eth1.11 port 67 Thanks, Ludovic Zammit Product Support Engineer Principal Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us: <https://community.akamai.com/> <http://blogs.akamai.com/> <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> <http://www.linkedin.com/company/akamai-technologies> <http://www.youtube.com/user/akamaitechnologies?feature=results_main> > On Aug 16, 2022, at 4:27 AM, Leonardo Izzo I.T.S. > <leonardo.i...@itsinformatica.it> wrote: > > Hi could you please answer? It is very important for my work. Thank you > > --- Messaggio inoltrato --- > Da: leonardo.i...@itsinformatica.it <mailto:leonardo.i...@itsinformatica.it> > Data: 6 agosto 2022 17:32:00 > Oggetto: static ip and dhcp on vlan interface > A: luza...@akamai.com <mailto:luza...@akamai.com> > Cc: packetfence-users@lists.sourceforge.net > <mailto:packetfence-users@lists.sourceforge.net> > hi, I have Packetfence which is configured as follows: > It has 3 network cards: eth0 of type "other" which acts as wan, eth1 is LAN > interfaces and eth2 is of type "management". > The interfaces related to eth1 is configured as Inline. > My requirement is that for the subnet related to eth1, only a host with > static ip must go out on the Internet by pf. how do i configure this thing? > Also I have a wifi controller which assigns vlan 11 to all wifi traffic. > For this reason, on the eth1 interface I have created a vlan interface with > id: 11, also configured in Inline mode. > How come on this interface, pf does not intercept the wifi traffic with id: > 11 by assigning ip addresses to it through dhcp and then obviously doing the > nat to go out on the Internet? > > Thank you
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
