I have enabled port-security on our cisco Switches.On the Ports i enabled this feature I get now results with mactrack.
When I disable Port-security everything works fine.
Any Ideas?
I use mactrac Version 1.1
no mactrack results with port-security
Moderators: Developers, Moderators
no mactrack results with port-security
I have enabled port-security on our cisco Switches.On the Ports i enabled this feature I get now results with mactrack.
When I disable Port-security everything works fine.
Any Ideas?
I use mactrac Version 1.1
-
streaker69
- Cacti Pro User
- Posts: 712
- Joined: Mon Mar 27, 2006 10:35 am
- Location: Psychic Amish Network Administrator
Re: no mactrack results with port-security
Did you add the MAC address of your Cacti box to the port that it cannot get the results from?Perry wrote:
On the Ports i enabled this feature I get now results with mactrack.
When I disable Port-security everything works fine.
Any Ideas?
I use mactrac Version 1.1
Re: no mactrack results with port-security
[quote="streaker69"]
Did you add the MAC address of your Cacti box to the port that it cannot get the results from?[/quote]
The Server with mactrack is installed on a Port without Port-security.
The Problem is that I cannot get the Devices on A Switch which are pluged in in a Port with Port security. When I disable Port-Security everything works fine.
I don't understand where the problem is for the mactrack.
Which oids use the mactrack to get the informations from the Switch?
Did you add the MAC address of your Cacti box to the port that it cannot get the results from?[/quote]
The Server with mactrack is installed on a Port without Port-security.
The Problem is that I cannot get the Devices on A Switch which are pluged in in a Port with Port security. When I disable Port-Security everything works fine.
I don't understand where the problem is for the mactrack.
Which oids use the mactrack to get the informations from the Switch?
Re: Port Security = no info.
Did you get anywhere with this? I am just in the beginnings of installing mactrack, but I see the same thing you do with port security ports. I have PS turned on throughout the enterprise, so if I cant figure it out, mactrack will not work for me. I have a feeling that the scanner has to be customized to go after a different oid set. I can look at it over the next week or so, but didn't want to redo work if you figured something out.
Thanks.
Thanks.
Hi,
We have the same problem. When I remove port-security MACTrack works. With port-security 'User ports up' and 'Active Macs' are 0.
I configured my Cisco 3750 to use 'get_IOS_dot1dTpFdbEntry_ports' as Switch/Router.
When I manually walk OID .1.3.6.1.2.1.3.1.1.2, I get all the MAC's, and when I walk OID .1.3.6.1.2.1.2.2.1.8 I get the Up/Down Status of each interface. There is no difference between an interface with or without port-security.
In the debug mode, I get for the right vlan the client of which I turned off port-security: DEBUG: INDEX: '0' MAC ADDRESS: 00:**:**:**:**:**
The clients in the same or other vlan connected to a port with port-security are not listed.
Is there any solution for this? Or where do I have to look in the code to debug this? I already tried, but I can't find the right place where it goes wrong.
Thanks,
Stef
We have the same problem. When I remove port-security MACTrack works. With port-security 'User ports up' and 'Active Macs' are 0.
I configured my Cisco 3750 to use 'get_IOS_dot1dTpFdbEntry_ports' as Switch/Router.
When I manually walk OID .1.3.6.1.2.1.3.1.1.2, I get all the MAC's, and when I walk OID .1.3.6.1.2.1.2.2.1.8 I get the Up/Down Status of each interface. There is no difference between an interface with or without port-security.
In the debug mode, I get for the right vlan the client of which I turned off port-security: DEBUG: INDEX: '0' MAC ADDRESS: 00:**:**:**:**:**
The clients in the same or other vlan connected to a port with port-security are not listed.
Is there any solution for this? Or where do I have to look in the code to debug this? I already tried, but I can't find the right place where it goes wrong.
Thanks,
Stef
-
homeratspringfield
- Posts: 1
- Joined: Sun Oct 19, 2008 4:12 pm
I ran into the same issue and after debugging through the code, found where it fails.
With port-security enabled, cam table records entries as static instead of dynamic. This gets filtered out by default in get_base_dot1dTpFdbEntry_ports function.
To fix it, change line 665 in lib/mactrack_functions.php from:
if (@$port_status[$key] == "3") {
to:
if (@$port_status[$key] == "3"||@$port_status[$key] == "5") {
Enjoy.
With port-security enabled, cam table records entries as static instead of dynamic. This gets filtered out by default in get_base_dot1dTpFdbEntry_ports function.
To fix it, change line 665 in lib/mactrack_functions.php from:
if (@$port_status[$key] == "3") {
to:
if (@$port_status[$key] == "3"||@$port_status[$key] == "5") {
Enjoy.
Who is online
Users browsing this forum: No registered users and 0 guests