Community support is offered through the mailing lists. You can subscribe to them and ask questions related to PacketFence.
The PacketFence community is very large and active so do not hesitate to subscribe to the mailing list and ask questions. However, please make sure to respect the following guidelines when posting a new message:
Join us on IRC! We are in the #packetfence channel on the freenode network.
Please note that while available, IRC is not the preferred option for community support. We recommend using the mailing list.
Network Access Control (NAC) projects are complex in nature because they usually involve many different technologies. We have done hundreds of large-scale deployment projects for prestigious organizations, all around the world. Let us help you make this deployment project a success by using our unmatched expertise!
If you are looking for a PacketFence expert to help you:
Unlimited |
|
---|---|
Duration | 1 year |
Support Method | Support Portal / Phone |
Response Time | 1 hour |
Support Hours | 24 / 7 |
Multi-Server | No |
Notifications | Security / Bug Fixes |
Bug Fixes | Yes |
Included Incidents | Unlimited |
Included Consulting Hours | None - can be purchased separately |
Cost | $5,000 USD per PacketFence server |
Order |
Installation Guide | Download PDF Read Online |
Upgrade Guide | Download PDF Read Online |
Network Devices Configuration Guide | Download PDF Read Online |
Clustering Quick Installation Guide | Download PDF Read Online |
Developer's Guide | Download PDF Read Online |
OpenApi Specification - REST API (Stable) | Read Online |
OpenApi Specification - REST API (Development) | Read Online |
OpenApi Specification - REST API (Per Release) | v13.0 |
This article is only relevant if you are using Cisco Switches with VLAN access map capabilities.
One downside of the isolation and registration VLAN is that they are usually flat (not routed VLANs) with a lot of people in them. Furthermore, in the isolation VLAN, it can became a real “battle” zone where users are seeing each other and can be infected by viruses or malware from others.
In order to mitigate that problem, you can create VLAN access map on the access switches. You can then drop any traffic that does not go or come from the PacketFence registration/isolation interface. Here is a quick example how to achieve that in the isolation VLAN.
First, create your ACL to match the traffic:
ip access-list extended pf-isol
permit ip host pf_host any
permit icmp any host pf_host
permit tcp any host pf_host eq www
permit tcp any host pf_host eq 443
permit udp any host pf_host eq domain
permit udp any host 255.255.255.255 eq bootps
permit udp any host pf_host eq bootps
Secondly, apply the VLAN map:
vlan access-map Isolation 10
action forward
match ip address pf-isol
vlan filter Isolation vlan-list ISOLATION_VLANID
If you encounter a possible bug with PacketFence, you can access our github page.
Please make sure to respect the following guidelines when reporting a bug: