[PacketFence-users] 答复: VLANs Problem

[平嘉伟 via PacketFence-users]

Hi kai:
       Is there any PC in vlan 11 get 192.168.0.0/24 address if connected 
switch port does NOT have any radius authentication setting?
       Port setting example for cisco:
       switchport mode access
       switchport access vlan 11

       if NO, check ur switch config;
       if YES, pull authentication detail using [ sh authentication sessions 
interface Gx/x/x details ];
发件人: Kai Bass (Westfalia Spielgeräte GmbH) <k.b...@westfalia-spielgeraete.de>
发送时间: 2024年4月16日 15:01
收件人: 平嘉伟 <jiawei_p...@leadstarmcd.com>
抄送: Zammit, Ludovic via PacketFence-users 
<packetfence-users@lists.sourceforge.net>
主题: AW: VLANs Problem

Hey Jiawei Ping,

thank you for your assistance.
Unfortunately, I do not believe that the issue lies with the Switch 
configuration in Packetfence, as the packetfence.log indicates that the correct 
VLAN has been assigned.

here an example:

Mar 13 11:07:53 packetfence httpd.aaa-docker-wrapper[3265]: httpd.aaa(8) INFO: 
[mac:] handling radius autz request: from switch_ip => (172.25.1.38), 
connection_type => Ethernet-NoEAP,switch_mac => (mac), mac => [mac], port => 
20, username => "mac" (pf::radius::authorize)
Mar 13 11:07:53 packetfence httpd.aaa-docker-wrapper[3265]: httpd.aaa(8) INFO: 
[mac:] Instantiate profile guest (pf::Connection::ProfileFactory::_from_profile)
Mar 13 11:07:53 packetfence httpd.aaa-docker-wrapper[3265]: httpd.aaa(8) INFO: 
[mac:] is of status unreg; belongs into registration VLAN 
(pf::role::getRegistrationRole)
Mar 13 11:07:53 packetfence httpd.aaa-docker-wrapper[3265]: httpd.aaa(8) INFO: 
[mac: (172.25.1.38) Added VLAN 11 to the returned RADIUS Access-Accept 
(pf::Switch::returnRadiusAccessAccept)
Mar 13 11:07:53 packetfence httpd.aaa-docker-wrapper[3265]: httpd.aaa(8) INFO: 
[mac:] Updating locationlog from accounting request 
(pf::api::handle_accounting_metadata)


Vielen Dank und freundliche Grüße aus Hövelhof


Kai Bass | IT - Auszubildender

Telefon: +49 5257 98891-655 | Fax: -11
E-Mail: 
k.b...@westfalia-spielgeraete.de<mailto:k.b...@westfalia-spielgeraete.de>

[cid:image001.png@01DA9015.FAB94610]


________________________________
Von: 平嘉伟 <jiawei_p...@leadstarmcd.com<mailto:jiawei_p...@leadstarmcd.com>>
Gesendet: Dienstag, 16. April 2024 03:04
An: 
packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>
 
<packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>>
Cc: Kai Bass (Westfalia Spielgeräte GmbH) 
<k.b...@westfalia-spielgeraete.de<mailto:k.b...@westfalia-spielgeraete.de>>
Betreff: 答复: VLANs Problem


Hi kai:

       Check this:

https://www.packetfence.org/doc/PacketFence_Installation_Guide.html#_adjust_switch_configuration_in_packetfence<https://atpscan.global.hornetsecurity.com/index.php?atp_str=WSgwh1WymmFSv0gSqDuPtDwZlThcfDpgp6cbJFgkx5g71KgzyPGiZCrgJ4Romjn9D-3cOMXgCnZLjh3IfA3q2Pbi-vcajMFBvurxtkhsie_wFaUl0zTMNEfCZ0PhwLH63l8gZ8NCdGWRZ_MulbD0wX_Ct4SLkxH_jIHbpAwToTKbINas2wufWvlRl9IaynsovBw4FI0NOLnIKxDR5ZyIDwluIYobPbnff1j5QbxkxlSQR-D7lA5qofG2h-_lZW8n2RmESCjcV28Fub3ehLHd5C6Z-n8pcpXqJY4JL9ELlu_66cx91AenTBKqjEE5E4_qyDAB9dfonj1tIWjDTxC0qIte846zaPbgA_EiVeX_AXkF49psX-PPPlNKK59IXbPeP91aowu_radcgMslrtq4QmLAzZj71gMcWj_BsuX_nqv15h9OSoXKSbnmHvLz8dBv3lZN-3FXPlHfpNYTzyM6OiOgCOL2BhU9SuLDV8AjOjojNealYNufBQsYfwGMmj1_mQ>



发件人: Kai Bass (Westfalia Spielgeräte GmbH) via PacketFence-users 
<packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>>
发送时间: 2024年4月15日 21:59
收件人: 
packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>
抄送: Kai Bass (Westfalia Spielgeräte GmbH) 
<k.b...@westfalia-spielgeraete.de<mailto:k.b...@westfalia-spielgeraete.de>>
主题: [PacketFence-users] VLANs Problem



Hello everyone,



I have successfully installed Packetfence with Active Directory authentication.

However, I am encountering some issues while trying to grant my test client 
access to a specific VLAN. My Clients dont get any IP Informations.

Currently, we are only using the default VLAN (1), which is assigned to all our 
IP addresses (172.25.0.0/24) and where my Access switch and Packetfence VM are 
located.



Can VLANs be configured using the IP range 192.168.0.0/24 in this setup? If 
yes, what are the considerations?

Is a secondary NIC required?  Do i need to configure the Switchport where the 
packetfence server is connected as Trunk and do i need to see my VM-MAC-Adress 
with "sh lldp info remote-device"? And do i need to configure my Access Port 
where my test-client is connected as Trunk with all VLANS too?

Do i need to configure something spezial in VMware Workstation Player other 
than my NICs as brided? How could i trobleshoot this problem?





Thank you very much for any help!



Regards,



Kai


_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users