Hey Marc, hey everybody,
Am 25.04.24 um 00:02 schrieb Mark Okuno via PacketFence-users:
One last thing: while the new VLAN roles appear in the Roles screen,
they were not appearing as options to select for the nodes. I had to
restart the VM in order for them to become available when configuring nodes.
**One remark**: I just tried to add a role in PF13.1 and immediately
tried to add it to an unregistered node without role and this worked on
my installation (no ZEN running directly on hardware).
**One question**: You write "VLAN roles" and I'm wondering whether I
understood the term "role" in PFs context correctly: I thought that the
role is an abstraction for whatever enforcement mode is used. E.g.
A node in the role guest:
- might be constraint by vlan enforcement to a certain vlan
- might be denied access to certain switches
- might be restricted by inline firewall rules when connected to a
network configured to use inline enforcement
- might be restricted by access lists on the switch it is connected to
In short the guest node would get more or less the same permissions by
very different enforcement modes on different parts of the network
depending on the network equipment and needs for the different parts of
the network.
Am I wrong here and the role should always be thought of being related
directly to a vlan?
Chris
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
