Hello, The proc’s are running and i checked and rewrite again the community is all okay.
About the strace: is the cmd: strace <pid of snmptrapd> ? or something else? [http://www.dezb.nl/content/dam/zeeland/zeeuwse/bestanden/logo-zb-email.jpg] Martijn Langendoen Network Administrator Storage Administrator [email protected]<mailto:[email protected]> T: 0118 654307 [http://www.dezb.nl/content/dam/zeeland/zeeuwse/icoontjes-social-media/facebook.jpg]<https://www.facebook.com/dezbnl>[http://www.dezb.nl/content/dam/zeeland/zeeuwse/icoontjes-social-media/twitter.jpg]<https://www.twitter.com/dezbnl>[http://www.dezb.nl/content/dam/zeeland/zeeuwse/icoontjes-social-media/linkedin.jpg]<https://www.linkedin.com/company/dezbnl>[http://www.dezb.nl/content/dam/zeeland/zeeuwse/icoontjes-social-media/instagram.jpg]<https://www.instagram.com/dezbnl>/dezbnl www.dezb.nl<http://www.dezb.nl> Kousteensedijk 7 4331 JE Middelburg Postbus 8004 4330 EA Middelburg Ik werk op: ma, wo ochtend di,do,vr 7:30 – 17:00 Van: Fabrice Durand via PacketFence-users <[email protected]> Verzonden: vrijdag 12 juli 2019 20:06 Aan: [email protected] CC: Fabrice Durand <[email protected]> Onderwerp: Re: [PacketFence-users] port-security and snmptrap not working Hello, if the snmptrapd and the pfqueue snmp processes are running then it can be the community that is wrong. Also i have already seen this kind of issue because of /etc/host.deny. Last thing, you can use strace to see why the snmp trap is not received. Regards Fabrice Le 19-07-11 à 09 h 15, Martijn Langendoen via PacketFence-users a écrit : Hello again, I have made a connection profile: [Portsecurity-snmp] locale= always_use_redirecturl=disabled filter=connection_type:SNMP-Traps autoregister=enabled sources=local with tcpdump I see the traps but noting comes in snmptrap.log what I’am missing? From: Eran Benno <[email protected]><mailto:[email protected]> Sent: dinsdag 25 juni 2019 16:36 To: [email protected]<mailto:[email protected]> Cc: Martijn Langendoen <[email protected]><mailto:[email protected]> Subject: port-security and snmptrap not working Hi Martijn, You should create a "Connection Profile" that uses SNMP in "Policies and Access Control". Go down that form to the "Filters" section and add a Filter "Connection Type" -> SNMP-Traps. It means you need to define what the PF does with SNMP then after. If you can give some more information about the "Authentication Sources", I might be able to advise some more. Other than that your switch configuration looks correct. Brgds, Eran. From: Martijn Langendoen via PacketFence-users [mailto:[email protected]] Sent: Tuesday, June 25, 2019 11:19 AM To: '[email protected]<mailto:[email protected]>' <[email protected]<mailto:[email protected]>> Cc: Martijn Langendoen <[email protected]<mailto:[email protected]>> Subject: [PacketFence-users] port-security and snmptrap not working Hi all, Ik have a problem with Packterfence 8.3.0 -ZEN. I want to use port security on a cisco switch but it wil not working. PF receive the snmptraps from the switch ( I see in with tcpdump): tcpdump -i eth0 -port 162: 09:30:07.741905 IP 10.10.0.150.57025 > 145.116.199.36.snmptrap: C="private" V2Trap(142) system.sysUpTime.0=311055713 S:1.1.4.1.0=E:cisco.9.315.0.0.1 interfaces.ifTable.ifEntry.ifIndex.10109=10109 31.1.1.1.1.10109="GigabitEthernet0/9" E:cisco.9.315.1.2.1.1.10.10109=00_1f_d8_03_d5_59 09:30:10.379234 IP 10.10.0.150.57025 > 145.116.199.36.snmptrap: C="private" V2Trap(142) system.sysUpTime.0=311055976 S:1.1.4.1.0=E:cisco.9.315.0.0.1 interfaces.ifTable.ifEntry.ifIndex.10109=10109 31.1.1.1.1.10109="GigabitEthernet0/9" E:cisco.9.315.1.2.1.1.10.10109=00_1f_d8_03_d5_59 09:30:12.146661 IP 10.10.0.150.57025 > 145.116.199.36.snmptrap: C="private" V2Trap(142) system.sysUpTime.0=311056152 S:1.1.4.1.0=E:cisco.9.315.0.0.1 interfaces.ifTable.ifEntry.ifIndex.10109=10109 31.1.1.1.1.10109="GigabitEthernet0/9" E:cisco.9.315.1.2.1.1.10.10109=00_1f_d8_03_d5_59 The snmptrapd on the PF do nothing I mean the log file /usr/local/pf/logs/snmptrapd.log stays empty. My switches.conf: [10.10.0.150] description=Cisco 2960G group=Cisco2960 SNMPCommunityRead=private deauthMethod=SNMP [group Cisco2960] guestVlan=40 cliUser=admin defaultVlan=815 VoIPCDPDetect=N VoIPDHCPDetect=N deauthMethod=RADIUS description=Cisco 2960 type=Cisco::Catalyst_2960G VoIPLLDPDetect=N macDetectionVlan=815 cliPwd=********* cliAccess=Y isolationVlan=815 cliTransport=SSH radiusSecret=********* ICTVlan=110 cliEnablePwd=********* registrationVlan=816 ZeroClientVlan=22 Tech-instVlan=45 ZBM-PersoneelVlan=101 ZVL-InternetVlan=222 NarrowcastVlan=11 ErfgoedZeelandVlan=170 OSR-InternetVlan=202 SWMVlan=2 ZMfVlan=43 ZVL-PersoneelVlan=221 RFIDVlan=14 OSR-PersoneelVlan=201 Diversen-vlan21Vlan=21 VDI-PubliekVlan=51 VDI-InternetVlan=50 SNMPCommunityRead=private SNMPVersionTrap=2c SNMPCommunityTrap=private SNMPVersion=2c My Cisco 2960G switch config: ! interface GigabitEthernet0/9 switchport access vlan 815 switchport mode access switchport port-security maximum 1 vlan access switchport port-security violation restrict switchport port-security mac-address sticky switchport port-security mac-address 0200.0001.0109 switchport port-security no logging event link-status ! ! snmp-server community public snmp-server community private snmp-server location Test snmp-server contact <snip> snmp-server enable traps port-security snmp-server enable traps port-security trap-rate 1 snmp-server host 145.116.199.36 version 2c private port-security snmp ifmib ifindex persist ! NOTE: the is the same ip in mail. On de PF snmptrapd is running: /usr/sbin/snmptrapd -f -n -c /usr/local/pf/var/conf/snmptrapd.conf -C -A -Lf /usr/local/pf/logs/snmptrapd.log -p /usr/local/pf/var/run/snmptrapd.pid -On Snmptrapd.conf: # This file is generated from a template at /usr/local/pf/conf/snmptrapd.conf # Any changes made to this file will be lost on restart snmpTrapdAddr 145.116.199.36:162 authCommunity execute,log private authCommunity execute,log public perl do "/usr/local/pf/lib/pf/snmptrapd.pm"; format1 %V|%#04.4y-%#02.2m-%02.2l|%#02.2h:%#02.2j:%#02.2k|%b|%a|BEGIN TYPE %w END TYPE BEGIN SUBTYPE %q END SUBTYPE BEGIN VARIABLEBINDINGS %v END VARIABLEBINDINGS\n format2 %V|%#04.4y-%#02.2m-%02.2l|%#02.2h:%#02.2j:%#02.2k|%b|%a|BEGIN TYPE %w END TYPE BEGIN SUBTYPE %q END SUBTYPE BEGIN VARIABLEBINDINGS %v END VARIABLEBINDINGS\n So wat is my problem? [http://www.dezb.nl/content/dam/zeeland/zeeuwse/bestanden/logo-zb-email.jpg] Martijn Langendoen Network Administrator Storage Administrator [email protected]<mailto:[email protected]> T: 0118 654307 [http://www.dezb.nl/content/dam/zeeland/zeeuwse/icoontjes-social-media/facebook.jpg]<https://www.facebook.com/dezbnl>[http://www.dezb.nl/content/dam/zeeland/zeeuwse/icoontjes-social-media/twitter.jpg]<https://www.twitter.com/dezbnl>[http://www.dezb.nl/content/dam/zeeland/zeeuwse/icoontjes-social-media/linkedin.jpg]<https://www.linkedin.com/company/dezbnl>[http://www.dezb.nl/content/dam/zeeland/zeeuwse/icoontjes-social-media/instagram.jpg]<https://www.instagram.com/dezbnl>/dezbnl www.dezb.nl<http://www.dezb.nl> Kousteensedijk 7 4331 JE Middelburg Postbus 8004 4330 EA Middelburg Ik werk op: ma, wo ochtend di,do,vr 7:30 – 17:00 _______________________________________________ PacketFence-users mailing list [email protected]<mailto:[email protected]> https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand [email protected]<mailto:[email protected]> :: +1.514.447.4918 (x135) :: www.inverse.ca<http://www.inverse.ca> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org)
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
