Whenever we connect a host, packetfence is trigggering the system scan
violation and presenting a Scan page for the user and initiates the nessus
(external server) scan when the user hits the scan button. The client is
failing on nessus ID:11153 and we modified the violations.conf so that
client will be placed in the islation VLAN if it triggers that nessus ID,
below is the config
[1100001]
desc=Nessus Scan
url=/remediation.php?template=failed_scan
max_enable=4
button_text=Scan my computer again
trigger=Nessus::11153
actions=email,log,trap
# for faster remediation, it is recommended to leave an offending client in
the registration vl$
vlan=isolationVlan
But even though the client is failing on nessus id-11153 its moving the
client to Normal VLAN instead of isolation VLAN . We believe that this is
not working as its supposed to be since its a external nessus server. We
suspect that pf server is initiating the scan but was not able to pull the
report from the external nessus server after the scan. Do we have to do
anything special in this case.
Thanks for your help....
--
Siddhartha
------------------------------------------------------------------------------
Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
MVPs and experts. SALE $99.99 this month only -- learn more at:
http://p.sf.net/sfu/learnmore_122412
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
