Re: [PacketFence-users] option 82 not working

[Fabrice Durand via PacketFence-users]

Hello saskatooner,

you need to send the dhcp traffic to PacketFence.

https://github.com/inverse-inc/packetfence/blob/devel/docs/PacketFence_Installation_Guide.asciidoc#dhcp-remote-sensor

Regards

Fabrice


Le 19-03-17 à 01 h 58, saskatooner Canada via PacketFence-users a écrit :

Hi everyone

My configuration is:

  * 2960 Cisco sw

  * pfsense as firewall between vlans and also DHCP server

  * packetfence with mab and 802.1x authentication with Active Directory

  * packetfence having only one IP, in management vlan =20

  * users having vlans from 21-26 ( packetfence doesn't have an IP in
these ranges)


As pf is not as DHCP server, it cannot bring users; IP address and 
Computer names after their authentication. I have tried enabling 
option 82 to fix this but with no luck.


here is my sw option 82 configs:

#show ip dhcp snooping
Switch DHCP snooping is enabled
DHCP snooping is configured on following VLANs:
11
DHCP snooping is operational on following VLANs:
11
DHCP snooping is configured on the following L3 Interfaces:

Insertion of option 82 is enabled
   circuit-id default format: vlan-mod-port
   remote-id: 0021.5660.4480 (MAC)
Option 82 on untrusted port is allowed
Verification of hwaddr field is enabled
Verification of giaddr field is enabled
DHCP snooping trust/rate is configured on the following Interfaces:

Interface  Trusted    Allow option    Rate limit (pps)
---    ---     
GigabitEthernet0/1 yes    yes unlimited
  Custom circuit-ids:
GigabitEthernet0/2 yes    yes unlimited
  Custom circuit-ids:


On pf. option 82 and dhdp detect are checked. But nothing is showing 
as IP for my nodes.


Could anyone help?
How should I debug? Any related logs for example?



___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users


--
Fabrice Durand
fdur...@inverse.ca ::  +1.514.447.4918 (x135) ::  www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence 
(http://packetfence.org)

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] option 82 not working

[saskatooner Canada via PacketFence-users]

Hi everyone

My configuration is:


   - 2960 Cisco sw


   - pfsense as firewall between vlans and also DHCP server


   - packetfence with mab and 802.1x authentication with Active Directory


   - packetfence having only one IP, in management vlan =20


   - users having vlans from 21-26 ( packetfence doesn't have an IP in
   these ranges)


As pf is not as DHCP server, it cannot bring users; IP address and Computer
names after their authentication. I have tried enabling option 82 to fix
this but with no luck.

here is my sw option 82 configs:

#show ip dhcp snooping
> Switch DHCP snooping is enabled
> DHCP snooping is configured on following VLANs:
> 11
> DHCP snooping is operational on following VLANs:
> 11
> DHCP snooping is configured on the following L3 Interfaces:
>
> Insertion of option 82 is enabled
>circuit-id default format: vlan-mod-port
>remote-id: 0021.5660.4480 (MAC)
> Option 82 on untrusted port is allowed
> Verification of hwaddr field is enabled
> Verification of giaddr field is enabled
> DHCP snooping trust/rate is configured on the following Interfaces:
>
> Interface  TrustedAllow optionRate limit (pps)
> ------
> GigabitEthernet0/1 yesyes unlimited
>   Custom circuit-ids:
> GigabitEthernet0/2 yesyes unlimited
>   Custom circuit-ids:


On pf. option 82 and dhdp detect are checked. But nothing is showing as IP
for my nodes.

Could anyone help?
How should I debug? Any related logs for example?
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users