Hello,
I am planning a packetfence deployment on our corporate network,
consisting of various L2 and L3 models of switches from different vendors,
for nearly 2k active ip. Our network is split in vlans. Nearly every flour
of every building has one or more vlans for offices spread all around the
country. We own the biggest Fiber Optic operated network in Tunisia and
lease some of which to telco operators but still rely on them for
connecting many "isolated" railway stations to our corporate network via
mpls and other "techniques". This is for the introduction.
The test pf server is located in the datacenter and i am configuring a
cisco catalyst 2960 updated to the latest firmware with port security to
use pf as its nac. This c2960 is located in one of the flours in a
separate vlan from the pf server and has to "cross" three L3 production
swithes and a firewall to get to the server room.
I am planning a deployement in "VLAN enforcement " mode
My questions are:
I have to declare at least three vlans on pf server, registration
isolation and management, to get to the next step in the web configurator.
Do i have to declare these vlans also on the c2960 test switch ?
How endpoints placed in isloation or remediation vlans on a remote switch,
which the c2960 test one is, could connect to wsus or antivirus server for
remediation or ftp server for downloading ?
Do i have to declare the remediation vlan also on pf server ?
TIA
Fathi Ben Nasr
------------------------------------------------------------------------------
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741911&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
