Menu
▾
▴
Re: [PacketFence-users] openvas scan sucessful but don't put the computer in isolation vlan
|
From: Enrico <enr...@pg...> - 2019-01-29 08:53:07
|
Il 29/01/19 04:22, William VANDAL ha scritto:
>
> Dear Enrico
>
> I read your configuration
>
> I’m also do the same thing.
>
> But I install openvas in a other server, no in Packetfence server
>
me too
>
> I use this command *openvasmd -a 0.0.0.0 -p 9390* in openvas to accept
> omp command to my network
>
I've the same setup. From pf server (10.0.0.34) omp works:
/[root@pfsrv ~]# omp -u admin -p 9390 -X "<get_version/>" -h 10.0.0.69 //
//Enter password: //
//<get_version_response status_text="OK"
status="200"><version>7.0</version></get_version_response>/
and as you can see it obtains return code from openvas server.
From "Policies and Access Control->Profiles->MY_NET->automatically
registered device,scan engine->openvas"
and inside "Compliance->Scan
Engine->Openvas->ip,user,password,aler,scan,report and scan after
registration"
Did you flagged "Configuration->Advanced->Scan on accouting" or not ?
> And the last difference in openvas configuration Alert : I put
> http://name_of_PF/hook/openvas?task=$n and not ip address
>
> But finish the scan, the computer with high risk result don’t go to
> vlan isolation, I think I don’t configure well the violation in
> Packetfence.
>
It's seems to be not well documented. Did you find any example outside
official guide ?
Thanks
Enrico
>
> Hope this can help you
>
> *De :*Enrico Becchetti <enr...@pg...>
> *Envoyé :* lundi 28 janvier 2019 18:50
> *À :* pac...@li...
> *Cc :* William VANDAL <wil...@vi...>
> *Objet :* Re: [PacketFence-users] openvas scan sucessful but don't put
> the computer in isolation vlan
>
> Dear William,
> could you give more details ? I've also tried openvas without any
> result. After device is connected
> to the network ("automatically network registration") scan didn't start.
> My server is Linux Centos 7.6.1810, with yum update, and PF 8.3.0.
> Profile:
>
> [PF-DOT1X]
> locale=
> device_registration=default
> filter=vlan:26
> description=PF-DOT1X
> autoregister=enabled
> sources=RADIUS-AAI
> scans=OpenVAS
>
> Thanks a lot !
> Best regards
> Enrico
>
>
> Il 28/01/2019 05:51, William VANDAL via PacketFence-users ha scritto:
>
> Hello
>
> I configure openvas 9 engine with packetfence
>
> The scan works with Post Reg System Scan after a registration.
>
> But finish the scan, Packetfence do nothing even if the computer
> has high risk in the results on openvas
>
> I also configure a news violation with trigger openvas : 110002
> (id of openvas scan)
>
> Thank you
>
> Best regards
>
> William
>
> cid:image002.jpg@01CF57FB.C5ADE730
>
> William VANDAL
>
> Cellule informatique
>
> Tél: (687) 41 40 20
>
> Fax: (687) 41 80 40
>
> ser...@vi...
> <mailto:syl...@ma...>
>
>
>
>
> _______________________________________________
>
> PacketFence-users mailing list
>
> Pac...@li... <mailto:Pac...@li...>
>
> https://lists.sourceforge.net/lists/listinfo/packetfence-users <https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.sourceforge.net%2Flists%2Flistinfo%2Fpacketfence-users&data=02%7C01%7Cwilliam.vandal%40ville-dumbea.nc%7C7aa4386a72bc48953b6d08d684f53d54%7C804c05846474462f95b67dd35ffe4b30%7C0%7C1%7C636842586184375913&sdata=2UDq93RUL3OsCBPmB9gAtmvFzCB2uCWFHt3%2BWDOO9CM%3D&reserved=0>
>
>
>
>
> --
> _______________________________________________________________________
> Enrico Becchetti Servizio di Calcolo e Reti
> Istituto Nazionale di Fisica Nucleare - Sezione di Perugia
> Via Pascoli,c/o Dipartimento di Fisica 06123 Perugia (ITALY)
> Phone:+39 075 5852777 Mail: Enrico.Becchetti<at>pg.infn.it
> ______________________________________________________________________
--
_______________________________________________________________________
Enrico Becchetti Servizio di Calcolo e Reti
Istituto Nazionale di Fisica Nucleare - Sezione di Perugia
Via Pascoli,c/o Dipartimento di Fisica 06123 Perugia (ITALY)
Phone:+39 075 5852777 Mail: Enrico.Becchetti<at>pg.infn.it
_______________________________________________________________________
|
