Hi,
Maybe I'm not the correct person, cause I've just open one case for one
problem and configuration on packetfance with cisco 3560 :-)
Anyway:
I saw that you specify the access vlan for this port. This is not needed I
think. dot1x will make this work for you.
Just to configure "Normal" vlan in packetfence switch configuration, in
order to forward the correct information to the switch.
Try to do this...
Anyway, some other question that maybe will help me too:
1) I have also cisco 3560, but no possibility to perform commands that
start with "authentication xxx" ...In which way were you able to do this?
2) Why do you wanna MAB? Isn't enough dot1x + SNMP in order to send and
change port configuration?
ok... in my case is not working at all... I able to see the portal...
make the self registration... but the last and "dream" switch vlan is not
working! :-S :-<
NOTE:
If Our configuration is similar.... what do you think to share the
information and files configuration between us?
Regards
Matteo
2014-06-09 22:03 GMT+02:00 Ali Tekeoglu <alit...@gmail.com>:
> Hello PacketFence users,
>
> I am wondering if "Port-Security" and "802.1X/MAB" are supposed to be
> used together or if they are mutually exclusive ?
>
> I use 802.1X/MAB and PortSecurity on my Cisco 3560 switch,
> When a new client appears on the configured port, 802.1X fails as
> expected and the new client authenticates through MAB and gets
> assigned an IP address(from Registration VLAN) by PacketFence.
>
> However, it can not reach to the Captive Portal even though the
> httpd.portal is running and listening.
> I am guessing Port-Security on the switch is blocking my client to
> reach to the server.
>
>
> Here is the configuration of my port that a client plugs into;
>
> !
> interface FastEthernet0/33
> switchport access vlan 4
> switchport mode access
> switchport port-security maximum 1 vlan access
> switchport port-security
> switchport port-security violation restrict
> switchport port-security mac-address 0200.0001.0033 vlan access
> authentication order dot1x mab
> authentication priority dot1x mab
> authentication port-control auto
> authentication periodic
> authentication timer restart 10800
> authentication timer reauthenticate 7200
> mab
> no snmp trap link-status
> dot1x pae authenticator
> dot1x timeout quiet-period 2
> dot1x timeout tx-period 3
> !
>
>
> Thank you so much beforehand for your help and suggestions...
>
>
> --ali
>
>
> ------------------------------------------------------------------------------
> HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
> Find What Matters Most in Your Big Data with HPCC Systems
> Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
> Leverages Graph Analysis for Fast Processing & Easy Data Exploration
> http://p.sf.net/sfu/hpccsystems
> _______________________________________________
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
------------------------------------------------------------------------------
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
