If it is just to have a fake mac, that is an awful lot of work to go
through to set them appropriately in a large organization. Perhaps the
documentation should be tweaked to explain the basis for the setting?
--Matt
On Wed, Oct 25, 2017 at 12:52 PM, Fabrice Durand
OK... but if it is normal, what is the value of setting the allowed mac to
the ifIndex-mapped MAC in the first place?
--Matt
On Wed, Oct 25, 2017 at 12:33 PM, Fabrice Durand via PacketFence-users <
packetfence-users@lists.sourceforge.net> wrote:
> Hello Matt,
>
> this is normal,
It's just to have a fake mac that will trigger a security trap.
Le 2017-10-25 à 12:47, Matt Mossholder a écrit :
> OK... but if it is normal, what is the value of setting the allowed
> mac to the ifIndex-mapped MAC in the first place?
>
> --Matt
>
> On Wed, Oct 25, 2017 at 12:33 PM,
Hello Matt,
this is normal, PacketFence allowed the mac of the device and if you
plug another device in the switch port then a new security trap will be
sent to PacketFence.
Regards
Fabrice
Le 2017-10-25 à 10:33, Matt Mossholder via PacketFence-users a écrit :
> Hi everyone,
> What is
Hi everyone,
What is the rationale behind the ifIndex mapping for MAC addresses
when using Cisco switches? It seems odd, because after someone connects to
the port, PF changes the port security settings to allow the new MAC, and
never seems to revert to the ifIndex-mapped MAC. Is this only a