Hello Le 2015-04-16 04:43, Nicolas Gailly a écrit : > Hello > > I reply to the thread > http://sourceforge.net/p/packetfence/mailman/message/33832156/ > I am so sorry I did not subscribe the mailing at the time so I could > not respond to the thread ... (Yes people still don't know how to use > mailing list.. Now i do ;) > > If I understand you well, that means : > - a NEW user will automatically try to connect with 802.1x (that > implies that every device support 802.1x natively ?) Yes of course > - Packetfence / freeradius will see that the device a not registered > and therefore, will OPEN the port and set it up in the registration VLAN > - the user can now register ... > It's not really true: If you do mac-auth then what you said is true If you do 802.1x authentication and if it failled then the connection is deny.
> - a REGISTERED user will try to connect to 802.1x > - he will gives its credentials > - if they are OK, packetfence set them in the data VLAN Yes > - if they are NOT OK, packetfence will put them in the registration > VLAN ? > No. the connection is deny. If you do 802.1x you must have a valid username and password to access to the production network. What you can do is the following: configure 802.1x (Cisco example) : https://github.com/inverse-inc/packetfence/blob/devel/docs/PacketFence_Network_Devices_Configuration_Guide.asciidoc#8021x-with-mac-authentication-bypass-multidomain Then if you have a 802.1x supplicant and a valid username and password then you will be allowed on the network. If you don't have a supplicant then the connection will be mac-auth and you will hit the captive portal to register. > Thank you for your time , and sorry again for the new thread... I am > registered now so it's good ! > > Nicolas GAILLY > > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard > Learn Process modeling best practices with Bonita BPM through live exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > > > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users Regards Fabrice -- Fabrice Durand [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org)
0xF78F957E.asc
Description: application/pgp-keys
------------------------------------------------------------------------------ BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT Develop your own process in accordance with the BPMN 2 standard Learn Process modeling best practices with Bonita BPM through live exercises http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
