Hello Jeremy,
it looks that the Aruba HPE 2930M support the CoA
(http://www.arubanetworks.com/assets/ds/DS_2930MSwitchSeries.pdf)
So it should be cool to add the support in Packetfence.
Regards
Fabrice
Le 2018-01-25 à 09:25, Jeremy Plumley via PacketFence-users a écrit :
>
> Just wanted to share my config for the Aruba HPE 2930M switch I’m
> testing. All appears to be working for my needs. I ended up defining
> my switch in Packetfence as a “HP::Procurve_2920” in order for it to
> work properly. In addition, it must use SNMP as deauth method.
>
>
>
> #Radius/SNMP Config#
>
> radius-server host <packetfence IP> dyn-authorization
>
> radius-server host <packetfence IP> key <secret key>
>
> aaa server-group radius "packetfence" host <packetfence ip>
>
> aaa accounting network start-stop radius server-group "packetfence"
>
> aaa authentication port-access eap-radius server-group "packetfence"
>
> aaa authentication mac-based chap-radius server-group "packetfence"
>
> ip source-interface radius vlan <management vlan>
>
> snmpv3 user <packetfence user>
>
> snmpv3 group managerpriv user <packetfence user> sec-model ver3
>
> snmpv3 enable
>
> snmpv3 only
>
> snmpv3 restricted-access
>
>
>
> #Port Config#
>
> aaa port-access authenticator active
>
> aaa port-access authenticator <port#>
>
> aaa port-access authenticator <port#> client-limit <max dot1x clients
> on port>
>
> aaa port-access mac-based <port#>
>
> aaa port-access mac-based <port#> addr-moves
>
> aaa port-access mac-based <port#> reauth-period 14400
>
> aaa port-access mac-based <port#> addr-limit <max mab clients on port>
>
> aaa port-access <port#> controlled-direction in
>
>
>
> #show run interface#
>
>
>
> interface 1/1
>
> tagged vlan <voip vlan>
>
> untagged vlan <mac detection vlan>
>
> lldp enable-notification
>
> lldp config dot1TlvEnable vlan-name
>
> aaa port-access authenticator
>
> aaa port-access authenticator client-limit 5
>
> aaa port-access mac-based
>
> aaa port-access mac-based addr-limit 5
>
> aaa port-access mac-based addr-moves
>
> aaa port-access mac-based reauth-period 14400
>
> aaa port-access controlled-direction in
>
> spanning-tree admin-edge-port
>
> spanning-tree loop-guard bpdu-protection
>
> exit
>
>
>
> Jeremy Plumley
>
> ITS Network Administrator
>
> Ext 50024
>
> E-Mail correspondence to and from this address may be subject to the
> North Carolina Public Records Law and shall be disclosed to third
> parties when required by the statutes (G.S. 132-1.)
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>
>
> _______________________________________________
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
