Hi,
just for the record answering the question on how to manually add VLANs. I had a look with Philipp on how we could add these VLANs directly via the db and it turns out there is a better way that can be nicely achieved through the SeedDB Prefix Gui adding a Dummy Prefix for the VLANID. This creates the VLAN AND adds it to the needed group if configured in the Prefix allocation. Really nice and convenient.
Cheers, Mischa
On Mon, 2023-06-19 at 08:26 +0000, Philipp Petermann wrote:
Hi,
At our university we use the portadmin "vlan_auth" feature to restrict access to certain VLANs for certain organizations. Now we have the problem that a VLAN that we want to give access to is missing in NAV and we couldn't find a way to just add this VLAN.
From what I understand VLANs are added automatically by ipdevpoll from detected router ports. Now the reason for this missing VLAN most probably is the fact that it is routed on a PaloAlto firewall. This firewall exists in NAV as type "Palo Alto Networks PA-5200 (Palo Alto Networks PA-5200 series firewall from PaloAlto)" (sysobjectid 1.3.6.1.4.1.25461.2.3.23) but no router ports are reported (count 0).
So my questions at this point are:
- Is there a way to manually add VLANs so the can be used by
"vlan_auth"?
- Is my assumption correct that the VLAN is missing because the PaloAlto
router ports are not correctly detected?
- Should PaloAlto router ports normally be detected with NAV?
- If so, how can I fix this? And if not, is there any workaround
available?
- Is https://github.com/Uninett/nav/pull/2613%C2%A0a solution to this?
We are currently using NAV 5.5.2 Thanks and best regards,
--
Philipp Petermann Universität Basel | ITS | NINS Spitalstrasse 41 | 4056 Basel | Schweiz Tel. +41 61 207 15 74 _______________________________________________ Nav-users mailing list -- nav-users@lister.sikt.no To unsubscribe send an email to nav-users-leave@lister.sikt.no