Ok so on the setup_wifi SSID it always return the reg vlan, right ?
So you have to deny reg device in the NormalVlan scope.
[reg_devices]
filter = node_info
operator = is
attribute = status
value = reg
[reg_network]
filter = ssid
operator = is
value = setup_wifi
Yep that's right, the setup_wifi SSID is the registration vlan.
The logic below seems to make sense. I'll try to put this in place and see how
we get on.
Cheers,
Andi
-Original Message-
From: Fabrice Durand [mailto:fdur...@inverse.ca]
Sent: 04 November 2015 13:29
To:
Thanks Fabrice.
"But i have a question, if the device is reg then it's suppose to go on a
production vlan, not the registration vlan ?!"
Yes this is exactly my issue. Devices are being setup and registered (through
autoreg the first time they connect), however my onboarding software is having
Hello Andy,
let's try this:
[reg_devices]
filter = node_info
operator = is
attribute = status
value = reg
[reg_network]
filter = ssid
operator = is
value = setup_wifi
[block_reg_devices:reg_devices_network]
scope = RegistrationVlan
role = blocked
But i have a question, if the device
Derek. At last mail I had told you that adapting the regex was problematic
because what I had in my packet fence was very different from what you had
described.
"https://github.com/inverse-inc/packetfence/blob/devel/sbin/pfdetect#L103
Commenting out lines 103 to 131 and adding your new regex
Now I have the vlan_filters in front of me, does this look doable?
[reg_devices]
filter = node_info
operator = is
attribute = status
value = reg
[reg_network]
filter = ssid
operator = is
value = setup_wifi
[block_reg_devices:reg_devices_network]
role = blocked
Cheers,
Andi
From: Morris, Andi