pf::Switch::Brocade - Object oriented module to access SNMP enabled Brocade Switches
The pf::Switch::Brocade module implements an object oriented interface to access SNMP enabled Brocade switches.
Stacked switch support has not been tested.
Tested on a Brocade ICX 6450 Version 07.4.00T311.
There is no automatic fallback from 802.1X to MAC-Authentication supported by the vendor at this time. However there is a means for RADIUS to explicitly say to the switch not to require 802.1X. This has the implication that PacketFence must be aware of all non-802.1X capable devices connecting to the switch (if 802.1X enforcement is required) and that it tells the switch to not require 802.1X for these devices.
The workaround implemented in the Brocade code is such that VoIP devices will fallback to MAC-Auth if they have been pre-registered in PacketFence (see voip attribute under node). All other device categories (Game consoles, appliances, etc.) that don't support 802.1X will have problem in a Brocade setup. Customer specific workarounds in pf::radius::custom could be made for that.
Vendor is aware of the problem and is working to support 802.1X to MAC-Auth fallback.
conf/switches.conf
Actual implementation.
Allows callers to refer to this implementation even though someone along the way override the above call.
All traps ignored
Get Voice over IP RADIUS Vendor Specific Attribute (VSA).
Supports VoIP if enabled.
Overloading pf::Switch's implementation to send vsa in the radius reponse.
It's optional, but we can force the 802.1x authentication by sending Foundry-MAC-Authent-needs-802.1x at 1. Disabled by default.
Inverse inc. <info@inverse.ca>
Copyright (C) 2005-2015 Inverse inc.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.