Menu
▾
▴
Re: [PacketFence-users] openvas scan sucessful but don't put the computer in isolation vlan
|
From: William V. <wil...@vi...> - 2019-01-31 02:48:42
|
>From "Policies and Access Control->Profiles->MY_NET->automatically registered device,scan engine->openvas" I use connection ethernet-NoEAP for MAB, no automatically registered wih radius and only scans engine -> openvas
and inside "Compliance->Scan Engine->Openvas->ip,user,password,aler,scan,report and scan after registration" same
Did you flagged "Configuration->Advanced->Scan on accouting" or not ? no flagged scan on accounting
And the last difference in openvas configuration Alert : I put http://name_of_PF/hook/openvas?task=$n and not ip address. I test 2nd time, it 's works with Ip address too, but the scan launch randomly
But finish the scan, the computer with high risk result don't go to vlan isolation, I think I don't configure well the violation in Packetfence.
It's seems to be not well documented. Did you find any example outside official guide ? no, only in official guide in 31 optional components
Thanks
Enrico
Hope this can help you
De : Enrico Becchetti <enr...@pg...><mailto:enr...@pg...>
Envoyé : lundi 28 janvier 2019 18:50
À : pac...@li...<mailto:pac...@li...>
Cc : William VANDAL <wil...@vi...><mailto:wil...@vi...>
Objet : Re: [PacketFence-users] openvas scan sucessful but don't put the computer in isolation vlan
Dear William,
could you give more details ? I've also tried openvas without any result. After device is connected
to the network ("automatically network registration") scan didn't start.
My server is Linux Centos 7.6.1810, with yum update, and PF 8.3.0.
Profile:
[PF-DOT1X]
locale=
device_registration=default
filter=vlan:26
description=PF-DOT1X
autoregister=enabled
sources=RADIUS-AAI
scans=OpenVAS
Thanks a lot !
Best regards
Enrico
Il 28/01/2019 05:51, William VANDAL via PacketFence-users ha scritto:
Hello
I configure openvas 9 engine with packetfence
The scan works with Post Reg System Scan after a registration.
But finish the scan, Packetfence do nothing even if the computer has high risk in the results on openvas
I also configure a news violation with trigger openvas : 110002 (id of openvas scan)
Thank you
Best regards
William
[cid:image002.jpg@01CF57FB.C5ADE730]
William VANDAL
Cellule informatique
Tél: (687) 41 40 20
Fax: (687) 41 80 40
ser...@vi...<mailto:syl...@ma...>
_______________________________________________
PacketFence-users mailing list
Pac...@li...<mailto:Pac...@li...>
https://lists.sourceforge.net/lists/listinfo/packetfence-users<https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.sourceforge.net%2Flists%2Flistinfo%2Fpacketfence-users&data=02%7C01%7Cwilliam.vandal%40ville-dumbea.nc%7Cc8327e0c5c104a18cfd208d685c72ae6%7C804c05846474462f95b67dd35ffe4b30%7C0%7C0%7C636843487808981204&sdata=TaeO4PDWtvniB1VXn%2FDVaLkq0JUpFxwE8XIaqJgjj9Y%3D&reserved=0>
--
_______________________________________________________________________
Enrico Becchetti Servizio di Calcolo e Reti
Istituto Nazionale di Fisica Nucleare - Sezione di Perugia
Via Pascoli,c/o Dipartimento di Fisica 06123 Perugia (ITALY)
Phone:+39 075 5852777 Mail: Enrico.Becchetti<at>pg.infn.it
______________________________________________________________________
--
_______________________________________________________________________
Enrico Becchetti Servizio di Calcolo e Reti
Istituto Nazionale di Fisica Nucleare - Sezione di Perugia
Via Pascoli,c/o Dipartimento di Fisica 06123 Perugia (ITALY)
Phone:+39 075 5852777 Mail: Enrico.Becchetti<at>pg.infn.it
_______________________________________________________________________
|
