[prev in list] [next in list] [prev in thread] [next in thread]
List: packetfence-users
Subject: Re: [PacketFence-users] Inline Enforcement Not Blocking Nodes
From: Cheryl Chaghu via PacketFence-users <packetfence-users () lists ! sourceforge ! net>
Date: 2024-04-29 9:56:46
Message-ID: CAByNucENMKZEMOQmMyq9QqqMQgYSKT2Vv_HTbHiAWT15EL31wQ () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hi Chris,
The main reason why I opted for inline deployment is because I tried to
implement the vlan enforcement but the switch I have does not really work
well with packetfence. So I thought inline enforcement would work out fine.
On Sun, 28 Apr 2024 at 20:37, Chris Vogel via PacketFence-users <
packetfence-users@lists.sourceforge.net> wrote:
>
> Hey Cheryl,
>
> Am 25.04.24 um 13:01 schrieb Cheryl Chaghu via PacketFence-users:
> > I want traffic from these VLANs to be routed to the NAC then the NAC can
> > route them to the firewall
>
> Sorry, I can't help you with inline, but I'd have a question:
>
> If I understand you correctly you do want to deploy packetfence like
> 'just another firewall' that automagically generates rules per node (MAC)?
>
> I've been interested in reasoning why to use the inline mode (if network
> equipment supports other modes of enforcement) all along my learning
> about packetfence. Are you willing to share the reasoning for your
> decision if it is other than your network equipment is not supported by
> packetfence?
>
>
> Kind regards, Chris
>
>
> _______________________________________________
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
[Attachment #5 (text/html)]
<div dir="ltr">Hi Chris,<div><br></div><div>The main reason why I opted for inline \
deployment is because I tried to implement the vlan enforcement but the switch I have \
does not really work well with packetfence. So I thought inline enforcement would \
work out fine.</div></div><br><div class="gmail_quote"><div dir="ltr" \
class="gmail_attr">On Sun, 28 Apr 2024 at 20:37, Chris Vogel via PacketFence-users \
<<a href="mailto:packetfence-users@lists.sourceforge.net">packetfence-users@lists.sourceforge.net</a>> \
wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br> Hey Cheryl,<br>
<br>
Am 25.04.24 um 13:01 schrieb Cheryl Chaghu via PacketFence-users:<br>
> I want traffic from these VLANs to be routed to the NAC then the NAC can <br>
> route them to the firewall<br>
<br>
Sorry, I can't help you with inline, but I'd have a question:<br>
<br>
If I understand you correctly you do want to deploy packetfence like <br>
'just another firewall' that automagically generates rules per node \
(MAC)?<br> <br>
I've been interested in reasoning why to use the inline mode (if network <br>
equipment supports other modes of enforcement) all along my learning <br>
about packetfence. Are you willing to share the reasoning for your <br>
decision if it is other than your network equipment is not supported by <br>
packetfence?<br>
<br>
<br>
Kind regards, Chris<br>
<br>
<br>
_______________________________________________<br>
PacketFence-users mailing list<br>
<a href="mailto:PacketFence-users@lists.sourceforge.net" \
target="_blank">PacketFence-users@lists.sourceforge.net</a><br> <a \
href="https://lists.sourceforge.net/lists/listinfo/packetfence-users" \
rel="noreferrer" target="_blank">https://lists.sourceforge.net/lists/listinfo/packetfence-users</a><br>
</blockquote></div>
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic