Menu
▾
▴
Re: [PacketFence-users] doc1x MAB/Isolation with multiple MACs on a port
|
From: Thomas T. <tt...@ca...> - 2012-04-27 17:02:37
|
Rich, I would really appreciate if you wouldn't mind sharing how you got packetfence to correctly identify/establish with the 3560. Every attempt to date has been failing back to MAB after 802.1x fails. In packetfence log, I get messages regarding radius autz request, pf then detects the correct vlan status, and returns a warning about RBAC not supported on network device type D-: -----Original Message----- From: Rich Graves [mailto:rg...@ca...] Sent: Friday, April 27, 2012 8:40 AM To: pac...@li... Subject: Re: [PacketFence-users] doc1x MAB/Isolation with multiple MACs on a port >> How do state changes happen when devices need to go in/out of >> registration/isolation? Is it CoA (I thought that was only supported >> on wireless)? SNMP? Scripted CLI? > > With MAB, we just bounce the port (ifdown/ifup) using SNMP. With > 802.1X, we force a reauth using the PAE mib. OK. I could try CoA, but there seems little benefit right now. One packet instead of two. ********************************************** Email Disclaimer: This email, including attachments, may contain proprietary, confidential or privileged information. If you are not the intended recipient, please (i) do not use, disclose, save or retransmit this message or any attachments, (ii) alert the sender by reply email and (iii) destroy or delete this message and any attachments. Delivery of this email to a person other than the intended recipient(s) shall not constitute a waiver of privilege or confidentiality. CP Investments, member FINRA and SIPC, serves as placement agent for investment products advised by Canyon Capital Advisors LLC. This email is not intended to be an offer to sell or a solicitation of an offer to buy any security in any jurisdiction. We review and retain electronic communications traveling through our network. ********************************************** |
