[PacketFence-users] ifIndex MAC requirement on Cisco

Hi everyone, What is the rationale behind the ifIndex mapping for MAC addresses when using Cisco switches? It seems odd, because after someone connects to the port, PF changes the port security settings to allow the new MAC, and never seems to revert to the ifIndex-mapped MAC. Is this only a "

Re: [PacketFence-users] Error importing OVA file in vcenter 6.5

Thanks for your reply, unfortunately at the moment i do not have a vmware workstation on which to try but i have already tried to use vmware "ovf tool" and nothing has changed. Regard, Roberto Il 23/10/2017 15:28, Stephen Appleby ha scritto: I had the Same issue. If you import the ova into V

Re: [PacketFence-users] IP Change

Hello Alessandro, you also need to have a vlan interface on the system. So in /etc/sysconfig/network-script you need to have a file ifcfg-eth0.50 Regards Fabrice Le 2017-10-24 à 08:29, Alessandro Canella via PacketFence-users a écrit : > > Hello, > >   > > I’ve changed IP at my PF ZEN. From unt

[PacketFence-users] OAuth2 Facebook/Google

Hi all, I'm testing the packetfence ZEN (Pecketfence-7.3.0-2 version) and I'm trying to use authentication via facebook or google. I have done the configuration of the API ID and secret of both, but when this in the authentication screen, the client can not reach the screen of facebook and google.

Re: [PacketFence-users] ifIndex MAC requirement on Cisco

Hello Matt, this is normal, PacketFence allowed the mac of the device and if you plug another device in the switch port then a new security trap will be sent to PacketFence. Regards Fabrice Le 2017-10-25 à 10:33, Matt Mossholder via PacketFence-users a écrit : > Hi everyone, >      What is th

Re: [PacketFence-users] OAuth2 Facebook/Google

Hello Diego, you will need to remove facebook from the dns_filters.conf.default in order to fix the fqdn graph.facebook.com. Also the passthroughs for the OAuth sources are in the OAuth config itself (pf side). Regards Fabrice Le 2017-10-25 à 12:29, Diego Lopes da Cruz via PacketFence-users

Re: [PacketFence-users] ifIndex MAC requirement on Cisco

It's just to have a fake mac that will trigger a security trap. Le 2017-10-25 à 12:47, Matt Mossholder a écrit : > OK... but if it is normal, what is the value of setting the allowed > mac to the ifIndex-mapped MAC in the first place?  > >      --Matt > > On Wed, Oct 25, 2017 at 12:33 PM, Fabric

Re: [PacketFence-users] ifIndex MAC requirement on Cisco

OK... but if it is normal, what is the value of setting the allowed mac to the ifIndex-mapped MAC in the first place? --Matt On Wed, Oct 25, 2017 at 12:33 PM, Fabrice Durand via PacketFence-users < packetfence-users@lists.sourceforge.net> wrote: > Hello Matt, > > this is normal, PacketFence

Re: [PacketFence-users] OAuth2 Facebook/Google

Fabrice, *"you will need to remove facebook from the dns_filters.conf.default in order to fix the fqdn graph.facebook.com ."* *OK, works, thanks!* *"Also the passthroughs for the OAuth sources are in the OAuth config itself (pf side)*." *OK, I found!* *I am having HSTS

Re: [PacketFence-users] OAuth2 Facebook/Google

You have to allow accounts.google.com in the passthrough too. Do a pfcmd configreload hard and a pfcmd service pfdns restart to force the update of the passthrough. Regards Fabrice Le 2017-10-25 à 13:34, Diego Lopes da Cruz a écrit : > Sorry, > I forgot the attachment... > > > > 2017-10-25 15

Re: [PacketFence-users] ifIndex MAC requirement on Cisco

If it is just to have a fake mac, that is an awful lot of work to go through to set them appropriately in a large organization. Perhaps the documentation should be tweaked to explain the basis for the setting? --Matt On Wed, Oct 25, 2017 at 12:52 PM, Fabrice Durand wrote: > It's just to ha

Re: [PacketFence-users] OAuth2 Facebook/Google

Sorry, I forgot the attachment... 2017-10-25 15:18 GMT-02:00 Diego Lopes da Cruz : > Fabrice, > *"you will need to remove facebook from the dns_filters.conf.default in > order to fix the fqdn graph.facebook.com ."* > *OK, works, thanks!* > *"Also the passthroughs for