Hello Bowen, All radius authentication is based on the MAC address of the device which is unique.
Which type of authentication are you referring to? Mac authentication ? 802.1x ? If it’s the former and the device is registered it would get into the same VLAN of the mentioned registered role. It’s hard to help out to resolve such issue because it can involve a lot of different components, if you can’t resolve that issue with the nailing list, I suggest you take a look our professional services. Thanks, Ludovic Zammit Product Support Engineer Principal Lead Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us: <https://community.akamai.com/> <http://blogs.akamai.com/> <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> <http://www.linkedin.com/company/akamai-technologies> <http://www.youtube.com/user/akamaitechnologies?feature=results_main> > On Sep 1, 2022, at 10:16 PM, Bowen Zhang via PacketFence-users > <packetfence-users@lists.sourceforge.net> wrote: > > Hello, everybody. > > We have problems letting packetfence work with a primary Layer 3 switch > connected with secondary Layer 2 switches. Please help us! Thanks! > > We are using packetfence 11.2 in VLAN enforcement mode so that we can > register devices through the registration page. We have four VLANs: user VLAN > 100, mac detection VLAN 101, registration VLAN 102, and isolation VLAN 103. > The switch configured in packetfence is a Huawei S5700 switch. It works well > when we directly connect devices to that switch. > > However, a problem occurs when we connect a secondary Layer 2 switch to a > port of the primary switch (the Huawei S5700 mentioned above) and connect > devices to the secondary switch. At first, we register devices as normal. > But, when we unregister devices through the status page, the devices are > still in the user VLAN and can access the resources. > > We then checked the "locationlog" table in the database of packetfence. > Through testing, we find when a new device connects to the secondary switch, > the "end_time" fields of all registered devices under the secondary switch > will be overwritten by the start time of the new device. It causes "open > locationlog entry was found" when unregistering those registered devices. > > The reason for this overwriting seems that the devices under the same > secondary Layer 2 switch have the same port in the "locationlog" table. We > have no idea how to solve this problem. Could somebody help us? How does > packetfence work when devices are under a secondary Layer 2 switch connected > to the primary Layer 3 switch? > > Thanks! > Bowen Zhang > > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!SWoDnwOpHc5g6Z1DRYgQ79Bal3zhBGBWx99mCFj1eiBdev6TH3Hn4GBOtfgKXvHqcWhU3AtqVWCpBnjPT9flvk80OVR6qYvKxiHhHw$ >
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
