> Have you tried using those? Not yet because it appears more complex/difficult to me to configure and i`m very new to NAC and packetfence.sorry, but valuable hint....will dig further there.
Anyway, to understand this correct - i can EITHER use 802.1x + mac auth fallback _OR_ VLAN Switching via SNMP Traps, correct ? (like being described here https://packetfence.org/about.html#/intro ) I`m curious about the following, though. There is this message in the log when i tried the generic swtich type: >SNMP trap handling not implemented for this type of switch. >(pf::Switch::parseTrap) The corresponding code in Switch.pm looks like this: >=item parseTrap > >Unimplemented base method meant to be overriden in switches that support SNMP >trap based methods. > >=cut > >sub parseTrap { > my $self = shift; > my $logger = $self->logger(); > $logger->warn("SNMP trap handling not implemented for this type of > switch."); > my $trapHashRef; > $trapHashRef->{'trapType'} = 'unknown'; > return $trapHashRef; >} Does that mean i cannot use SNMP Trap method with GENERIC type of switch ? Is pf webgui such a dumb beast ? I did not find bells and whistles of generic modules being documented somewehere... regards Roland > Gesendet: Mittwoch, 05. Juli 2017 um 17:07 Uhr > Von: "Sallee, Jake via PacketFence-users" > <[email protected]> > An: "[email protected]" > <[email protected]> > Cc: "Sallee, Jake" <[email protected]> > Betreff: Re: [PacketFence-users] HP 1920 (JG1920-14G) support ? > > According to HPs documentation the switch supports MAC auth and 802.1x > > https://www.hpe.com/h20195/v2/GetPDF.aspx/c04394247.pdf > > Have you tried using those? > > Jake Sallee > Godfather of Bandwidth > System Engineer > University of Mary Hardin-Baylor > WWW.UMHB.EDU > > 900 College St. > Belton, Texas > 76513 > > Fone: 254-295-4658 > Phax: 254-295-4221 > > ________________________________________ > From: devzero--- via PacketFence-users > <[email protected]> > Sent: Wednesday, July 5, 2017 9:06 AM > To: [email protected] > Cc: [email protected] > Subject: [PacketFence-users] HP 1920 (JG1920-14G) support ? > > Hello, > > any chance to get packectfence work with HP 1920 Switches? > > I wanted to try as a generic device via snmp and getting this far: > > Jul 5 15:57:18 packetfence packetfence: INFO pfcmd.pl(12509): generating > /usr/local/pf/var/conf/ssl-certificates.conf > (pf::services::manager::httpd::generateCommonConfig) > Jul 5 15:57:18 packetfence packetfence: INFO pfcmd.pl(12509): generating > /usr/local/pf/var/conf/captive-portal-common > (pf::services::manager::httpd::generateCommonConfig) > Jul 5 15:57:23 packetfence pfqueue: pfqueue(11017) INFO: [mac:] up trap > received on 172.16.26.25 ifIndex 6 (pf::task::pfsnmp::handleUpTrap) > Jul 5 15:57:23 packetfence pfqueue: pfqueue(11017) INFO: [mac:] setting > 172.16.26.25 port 6 to MAC detection VLAN (pf::task::pfsnmp::handleUpTrap) > Jul 5 15:57:23 packetfence pfqueue: pfqueue(11017) INFO: [mac:] setting VLAN > at 172.16.26.25 ifIndex 6 from 30 to 4 (pf::Switch::setVlan) > Jul 5 15:57:23 packetfence pfqueue: pfqueue(11017) ERROR: [mac:] Error > occured while handling trap : Can't locate object method "_setVlan" via > package "pf::Switch::Generic" at /usr/local/pf/lib/pf/Switch.pm line 688. > (pf::task::pfsnmp::handleTrap) > Jul 5 15:57:24 packetfence packetfence: pfsetvlan(0) WARN: [mac:[undef]] > ignoring non trap line perl callback function 0x7fd57fb142c8 returns 1 > (main::) > Jul 5 15:57:24 packetfence packetfence: pfsetvlan(0) WARN: [mac:[undef]] > ignoring non trap line perl callback function 0x7fd57fb142c8 returns 1 > (main::) > Jul 5 15:57:24 packetfence packetfence: pfsetvlan(6) WARN: [mac:[undef]] > SNMP trap handling not implemented for this type of switch. > (pf::Switch::parseTrap) > Jul 5 15:57:24 packetfence packetfence: pfsetvlan(7) WARN: [mac:[undef]] > SNMP trap handling not implemented for this type of switch. > (pf::Switch::parseTrap) > Jul 5 15:57:28 packetfence pfqueue: pfqueue(11026) INFO: [mac:] down trap > received on 172.16.26.25 ifIndex 6 (pf::task::pfsnmp::handleDownTrap) > Jul 5 15:57:28 packetfence pfqueue: pfqueue(11026) INFO: [mac:] setting > 172.16.26.25 port 6 to MAC detection VLAN (pf::task::pfsnmp::handleDownTrap) > Jul 5 15:57:28 packetfence pfqueue: pfqueue(11026) INFO: [mac:] setting VLAN > at 172.16.26.25 ifIndex 6 from 30 to 4 (pf::Switch::setVlan) > Jul 5 15:57:28 packetfence pfqueue: pfqueue(11026) ERROR: [mac:] Error > occured while handling trap : Can't locate object method "_setVlan" via > package "pf::Switch::Generic" at /usr/local/pf/lib/pf/Switch.pm line 688. > (pf::task::pfsnmp::handleTrap) > Jul 5 15:57:30 packetfence packetfence: pfsetvlan(0) WARN: [mac:[undef]] > ignoring non trap line perl callback function 0x7fd57fb142c8 returns 1 > (main::) > Jul 5 15:57:30 packetfence packetfence: pfsetvlan(8) WARN: [mac:[undef]] > SNMP trap handling not implemented for this type of switch. > (pf::Switch::parseTrap) > Jul 5 15:57:31 packetfence pfqueue: pfqueue(11021) INFO: > [mac:3c:07:54:41:ca:ee] oldip (10.0.30.10) and newip (10.0.20.10) are > different for 3c:07:54:41:ca:ee - closing ip4log entry > (pf::api::update_ip4log) > Jul 5 15:57:32 packetfence pfqueue: pfqueue(11028) INFO: [mac:] up trap > received on 172.16.26.25 ifIndex 5 (pf::task::pfsnmp::handleUpTrap) > Jul 5 15:57:32 packetfence pfqueue: pfqueue(11028) INFO: [mac:] setting > 172.16.26.25 port 5 to MAC detection VLAN (pf::task::pfsnmp::handleUpTrap) > Jul 5 15:57:32 packetfence pfqueue: pfqueue(11028) INFO: [mac:] setting VLAN > at 172.16.26.25 ifIndex 5 from 20 to 4 (pf::Switch::setVlan) > Jul 5 15:57:32 packetfence pfqueue: pfqueue(11028) ERROR: [mac:] Error > occured while handling trap : Can't locate object method "_setVlan" via > package "pf::Switch::Generic" at /usr/local/pf/lib/pf/Switch.pm line 688. > (pf::task::pfsnmp::handleTrap) > > > Further question: > Who can i clean already detected devices from node database? > I did not enter dhcp server ip in the first setup and nodes seem all to be > detected via management interface, what i don`t want to occur. > > regards > Roland > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
