Flexible VLAN Management and Role-Based Access Control

The solution is built around the concept of network isolation through VLAN assignment. For more details on how this work see the Technical Introduction page. Because of its long experience and several deployments, the VLAN management of PacketFence grew to be very flexible over the years. Your VLAN topology can be kept as it is and only two new VLAN will need to be added throughout your network: registration VLAN and isolation VLAN. Moreover, PacketFence can also make use of roles support from many equipment vendors.

VLAN and roles can be assigned using the various means:

Per switch (default for VLAN)

Per client category (default for roles)

Per client

Using any arbitrary decision (if you use our perl extension points)

Also, the per-switch method can be combined with the others. For example, with a default PacketFence setup, a VLAN or a role can be assigned to your printers and your PCs (if categorized properly) based on what equipment they are connected to. This implies that you can easily have per-building per-device type VLANs.