You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
I would like to be notify each time a device is on registration VLAN because it's something uncommon: all my devices should be on production VLAN. So I want to detect it.
and a security event, a node will match this VLAN filter in two cases;
if device is not registered when a RADIUS request is received (expected behavior)
if device reach unregistration date and is unregistered by nodes_maintenance task (side effect)
I would like my VLAN filter to match only in 1 because 2 will apply to almost all devices.
Describe the solution you'd like
Have a way to match VLAN filter only in 1.
I look at conditions on VLAN filter but I don't find a suitable condition to match 1 and not 2.
I think a solution could be to use a dedicated scope when we deauthenticate a device. Currently, we call fetchRoleForNode from _should_we_reassign_vlan which means that we are in the same code path in 1 and 2 at some point.
Describe alternatives you've considered
Use a different approach like a report
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
I would like to be notify each time a device is on registration VLAN because it's something uncommon: all my devices should be on production VLAN. So I want to detect it.
Using following VLAN filter:
and a security event, a node will match this VLAN filter in two cases;
I would like my VLAN filter to match only in 1 because 2 will apply to almost all devices.
Describe the solution you'd like
Have a way to match VLAN filter only in 1.
I look at conditions on VLAN filter but I don't find a suitable condition to match 1 and not 2.
I think a solution could be to use a dedicated scope when we deauthenticate a device. Currently, we call
fetchRoleForNode
from_should_we_reassign_vlan
which means that we are in the same code path in 1 and 2 at some point.Describe alternatives you've considered
Use a different approach like a report
The text was updated successfully, but these errors were encountered: