administration￿guide - packetfence...

Download Administration￿Guide - PacketFence .or￿

Post on 18-Jul-2018

218 views

Category:

Documents

3 download

Embed Size (px)

TRANSCRIPT

  • AdministrationGuideforPacketFenceversion5.4.0

  • AdministrationGuidebyInverseInc.

    Version5.4.0-Oct2015Copyright2015Inverseinc.

    Permissionisgrantedtocopy,distributeand/ormodifythisdocumentunderthetermsoftheGNUFreeDocumentationLicense,Version1.2oranylaterversionpublishedbytheFreeSoftwareFoundation;withnoInvariantSections,noFront-CoverTexts,andnoBack-CoverTexts.Acopyofthelicenseisincludedinthesectionentitled"GNUFreeDocumentationLicense".

    ThefontsusedinthisguidearelicensedundertheSILOpenFontLicense,Version1.1.ThislicenseisavailablewithaFAQat:http://scripts.sil.org/OFL

    CopyrightukaszDziedzic,http://www.latofonts.com,withReservedFontName:"Lato".

    CopyrightRaphLevien,http://levien.com/,withReservedFontName:"Inconsolata".

    http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLhttp://www.latofonts.com/http://levien.com/

  • Copyright2015Inverseinc. iii

    TableofContentsAbout this Guide .............................................................................................................. 1

    Othersourcesof information..................................................................................... 1Introduction ..................................................................................................................... 2

    Features ................................................................................................................... 2Network Integration .................................................................................................. 5Components ............................................................................................................. 5

    SystemRequirements ........................................................................................................ 7Assumptions ............................................................................................................. 7MinimumHardwareRequirements.............................................................................. 7OperatingSystemRequirements................................................................................ 8

    Installation ....................................................................................................................... 9OS Installation .......................................................................................................... 9SoftwareDownload ................................................................................................ 10Software Installation ................................................................................................ 10

    Getoffontherightfoot ................................................................................................. 12TechnicalintroductiontoInlineenforcement..................................................................... 13

    Introduction ........................................................................................................... 13Deviceconfiguration ............................................................................................... 13Access control ........................................................................................................ 13Limitations ............................................................................................................. 14

    TechnicalintroductiontoOut-of-bandenforcement........................................................... 15Introduction ........................................................................................................... 15VLANassignmenttechniques...................................................................................15MoreonSNMPtrapsVLANisolation....................................................................... 17

    TechnicalintroductiontoHybridenforcement................................................................... 20Introduction ........................................................................................................... 20Deviceconfiguration ............................................................................................... 20

    Configuration ................................................................................................................. 21RolesManagement ................................................................................................. 21Authentication ........................................................................................................ 22ExternalAPIauthentication ..................................................................................... 24NetworkDevicesDefinition(switches.conf)............................................................... 25Portal Profiles ......................................................................................................... 29FreeRADIUSConfiguration ...................................................................................... 30

    Debugging ..................................................................................................................... 42Log files ................................................................................................................. 42RADIUSDebugging ................................................................................................ 42

    MoreonVoIP Integration ................................................................................................ 44CDPandLLDPareyourfriend................................................................................ 44VoIPandVLANassignmenttechniques..................................................................... 44WhatifCDP/LLDPfeatureismissing....................................................................... 45

    Advanced topics ............................................................................................................. 46AppleandAndroidWirelessProvisioning.................................................................. 46Billing Engine ......................................................................................................... 47DevicesRegistration ................................................................................................ 48Eduroam ................................................................................................................ 49Fingerbank integration ............................................................................................. 53FloatingNetworkDevices ....................................................................................... 54OAuth2Authentication ........................................................................................... 56Passthrough ........................................................................................................... 58ProductionDHCPaccess ......................................................................................... 58

  • Copyright2015Inverseinc. iv

    Proxy Interception ................................................................................................... 60RoutedNetworks .................................................................................................... 60StatementofHealth (SoH) ....................................................................................... 63VLANFilterDefinition ............................................................................................ 65

    Optionalcomponents ...................................................................................................... 68Blockingmaliciousactivitieswithviolations............................................................... 68ComplianceChecks ................................................................................................. 72RADIUSAccounting ................................................................................................ 78Oinkmaster ............................................................................................................. 79GuestsManagement ............................................................................................... 79ActiveDirectoryIntegration ...................................................................................... 83DHCPremotesensor .............................................................................................. 87

    OperatingSystemBestPractices...................................................................................... 90IPTables ................................................................................................................. 90Log Rotations ......................................................................................................... 90

    Performanceoptimization ................................................................................................ 91SNMPTrapsLimit ................................................................................................... 91MySQLoptimizations .............................................................................................. 91CaptivePortalOptimizations .................................................................................... 94

    Additional Information ..................................................................................................... 96CommercialSupportandContactInformation................................................................... 97GNUFreeDocumentationLicense................................................................................... 98A.AdministrationTools ................................................................................................... 99

    pfcmd .................................................................................................................... 99pfcmd_vlan

Recommended

View more >