Hello Martijn,

So you need to enable the snmptrapd service and also enable the pfsnmp queue.

Add that in pfqueue.conf:

#
# pfsnmp_parsing queue configuration
#
[queue pfsnmp_parsing]
#
# The weight of queue among shared workers
#
weight=2
#
# The number of dedicated workers for queue
#
workers=0


Then:

pfcmd configreload hard

pfcmd service pf restart


Regards

Fabrice


On 19-06-25 at 14:35, Martijn Langendoen via PacketFence-users wrote:

Hi Eran,

OK, I found it, but I don't know how to go further.

I use it for MAC auth. So the MACs are registered in PF. What are my next steps?

*Martijn Langendoen*
Network Administrator
Storage Administrator

T: 0118 654307

Kousteensedijk 7
4331 JE Middelburg
Postbus 8004
4330 EA Middelburg

I work on:
Mon, Wed morning
Tue, Thu, Fri 7:30 – 17:00

*From:* Eran Benno <[email protected]>
*Sent:* Tuesday, 25 June 2019 16:36
*To:* [email protected]
*CC:* Martijn Langendoen <[email protected]>
*Subject:* port-security and snmptrap not working

Hi Martijn,

You should create a "Connection Profile" that uses SNMP in "Policies and Access Control".

Go down that form to the "Filters" section and add a Filter "Connection Type" -> SNMP-Traps.

It means you need to define what the PF does with SNMP then after.

If you can give some more information about the "Authentication Sources", I might be able to advise some more.

Other than that your switch configuration looks correct.

Brgds,

Eran.

*From:* Martijn Langendoen via PacketFence-users [mailto:[email protected]]
*Sent:* Tuesday, June 25, 2019 11:19 AM
*To:* '[email protected]' <[email protected]>
*Cc:* Martijn Langendoen <[email protected]>
*Subject:* [PacketFence-users] port-security and snmptrap not working

Hi all,

I have a problem with PacketFence 8.3.0-ZEN.

I want to use port security on a Cisco switch but it will not work.

PF receives the SNMP traps from the switch (I see it with tcpdump):

tcpdump -i eth0 port 162:

09:30:07.741905 IP 10.10.0.150.57025 > 145.116.199.36.snmptrap: C="private" V2Trap(142) system.sysUpTime.0=311055713 S:1.1.4.1.0=E:cisco.9.315.0.0.1 interfaces.ifTable.ifEntry.ifIndex.10109=10109 31.1.1.1.1.10109="GigabitEthernet0/9" E:cisco.9.315.1.2.1.1.10.10109=00_1f_d8_03_d5_59

09:30:10.379234 IP 10.10.0.150.57025 > 145.116.199.36.snmptrap: C="private" V2Trap(142) system.sysUpTime.0=311055976 S:1.1.4.1.0=E:cisco.9.315.0.0.1 interfaces.ifTable.ifEntry.ifIndex.10109=10109 31.1.1.1.1.10109="GigabitEthernet0/9" E:cisco.9.315.1.2.1.1.10.10109=00_1f_d8_03_d5_59

09:30:12.146661 IP 10.10.0.150.57025 > 145.116.199.36.snmptrap: C="private" V2Trap(142) system.sysUpTime.0=311056152 S:1.1.4.1.0=E:cisco.9.315.0.0.1 interfaces.ifTable.ifEntry.ifIndex.10109=10109 31.1.1.1.1.10109="GigabitEthernet0/9" E:cisco.9.315.1.2.1.1.10.10109=00_1f_d8_03_d5_59

The snmptrapd on the PF does nothing; I mean the log file /usr/local/pf/logs/snmptrapd.log stays empty.

My switches.conf:

[10.10.0.150]
description=Cisco 2960G
group=Cisco2960
SNMPCommunityRead=private
deauthMethod=SNMP

[group Cisco2960]
guestVlan=40
cliUser=admin
defaultVlan=815
VoIPCDPDetect=N
VoIPDHCPDetect=N
deauthMethod=RADIUS
description=Cisco 2960
type=Cisco::Catalyst_2960G
VoIPLLDPDetect=N
macDetectionVlan=815
cliPwd=*********
cliAccess=Y
isolationVlan=815
cliTransport=SSH
radiusSecret=*********
ICTVlan=110
cliEnablePwd=*********
registrationVlan=816
ZeroClientVlan=22
Tech-instVlan=45
ZBM-PersoneelVlan=101
ZVL-InternetVlan=222
NarrowcastVlan=11
ErfgoedZeelandVlan=170
OSR-InternetVlan=202
SWMVlan=2
ZMfVlan=43
ZVL-PersoneelVlan=221
RFIDVlan=14
OSR-PersoneelVlan=201
Diversen-vlan21Vlan=21
VDI-PubliekVlan=51
VDI-InternetVlan=50
SNMPCommunityRead=private
SNMPVersionTrap=2c
SNMPCommunityTrap=private
SNMPVersion=2c

My Cisco 2960G switch config:

!
interface GigabitEthernet0/9
 switchport access vlan 815
 switchport mode access
 switchport port-security maximum 1 vlan access
 switchport port-security violation restrict
 switchport port-security mac-address sticky
 switchport port-security mac-address 0200.0001.0109
 switchport port-security
 no logging event link-status
!
!
snmp-server community public
snmp-server community private
snmp-server location Test
snmp-server contact <snip>
snmp-server enable traps port-security
snmp-server enable traps port-security trap-rate 1
snmp-server host 145.116.199.36 version 2c private port-security
snmp ifmib ifindex persist
!

NOTE: the is the same ip in mail.

On the PF, snmptrapd is running:

/usr/sbin/snmptrapd -f -n -c /usr/local/pf/var/conf/snmptrapd.conf -C -A -Lf /usr/local/pf/logs/snmptrapd.log -p /usr/local/pf/var/run/snmptrapd.pid -On

Snmptrapd.conf:

# This file is generated from a template at /usr/local/pf/conf/snmptrapd.conf
# Any changes made to this file will be lost on restart
snmpTrapdAddr 145.116.199.36:162
authCommunity execute,log private
authCommunity execute,log public
perl do "/usr/local/pf/lib/pf/snmptrapd.pm";
format1 %V|%#04.4y-%#02.2m-%02.2l|%#02.2h:%#02.2j:%#02.2k|%b|%a|BEGIN TYPE %w END TYPE BEGIN SUBTYPE %q END SUBTYPE BEGIN VARIABLEBINDINGS %v END VARIABLEBINDINGS\n
format2 %V|%#04.4y-%#02.2m-%02.2l|%#02.2h:%#02.2j:%#02.2k|%b|%a|BEGIN TYPE %w END TYPE BEGIN SUBTYPE %q END SUBTYPE BEGIN VARIABLEBINDINGS %v END VARIABLEBINDINGS\n

So what is my problem?

*Martijn Langendoen*
Network Administrator

Storage Administrator




_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
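
One way to confirm that the traps seen in tcpdump match the settings quoted in the thread (receiver address from snmptrapd.conf, SNMPCommunityTrap from switches.conf) before looking at the PacketFence services. This is an added example, not part of the original messages or of PacketFence; the function names `parse_trap` and `check_trap` are hypothetical, and the sample line is the first trap line from the capture above.

```python
import re

PORTSEC_TRAP = "E:cisco.9.315.0.0.1"           # trap OID as tcpdump prints it in the thread
LAST_MAC_PREFIX = "E:cisco.9.315.1.2.1.1.10."  # varbind carrying the MAC in that capture
HEADER = re.compile(
    r'^(?P<time>\S+) IP (?P<src>\d+(?:\.\d+){3})\.\d+ > '
    r'(?P<dst>\d+(?:\.\d+){3})\.snmptrap: +C="(?P<community>[^"]*)" '
    r'(?P<pdu>\w+)\(\d+\) (?P<varbinds>.*)$')
VARBIND = re.compile(r'(\S+?)=("[^"]*"|\S+)')

def parse_trap(line):
    """Parse one tcpdump SNMP trap line; return a dict, or None if it is not one."""
    m = HEADER.match(line.strip())
    if not m:
        return None
    trap = m.groupdict()
    binds = {k: v.strip('"') for k, v in VARBIND.findall(trap.pop("varbinds"))}
    trap.update(trap_oid=binds.get("S:1.1.4.1.0"), if_index=None, if_name=None, mac=None)
    for name, value in binds.items():
        if name.startswith("interfaces.ifTable.ifEntry.ifIndex."):
            trap["if_index"] = int(value)
        elif name.startswith("31.1.1.1.1."):       # interface name varbind
            trap["if_name"] = value
        elif name.startswith(LAST_MAC_PREFIX):     # 00_1f_... -> 00:1f:...
            trap["mac"] = value.replace("_", ":").lower()
    return trap

def check_trap(trap, listen_ip, trap_communities):
    """Compare a parsed trap with the receiver address and per-switch trap community."""
    problems = []
    if trap["dst"] != listen_ip:
        problems.append("sent to %s, snmptrapd listens on %s" % (trap["dst"], listen_ip))
    if trap["src"] not in trap_communities:
        problems.append("switch %s is not in switches.conf" % trap["src"])
    elif trap["community"] != trap_communities[trap["src"]]:
        problems.append("community does not match SNMPCommunityTrap")
    if trap["trap_oid"] != PORTSEC_TRAP:
        problems.append("not the port-security trap")
    return problems

# First trap line from the tcpdump output quoted in the thread.
SAMPLE = ('09:30:07.741905 IP 10.10.0.150.57025 > 145.116.199.36.snmptrap: '
          'C="private" V2Trap(142) system.sysUpTime.0=311055713 '
          'S:1.1.4.1.0=E:cisco.9.315.0.0.1 '
          'interfaces.ifTable.ifEntry.ifIndex.10109=10109 '
          '31.1.1.1.1.10109="GigabitEthernet0/9" '
          'E:cisco.9.315.1.2.1.1.10.10109=00_1f_d8_03_d5_59')

if __name__ == "__main__":
    print(check_trap(parse_trap(SAMPLE), "145.116.199.36", {"10.10.0.150": "private"}))
```

An empty list for the captured line means the switch side agrees with the quoted configuration, which points at the receiving services and queue rather than at the switch.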