means vlan is not communicated between the freeradius and switch, but we don't know why
2010/3/4 omega bk <omeg...@gmail.com> > hello, > > still with the same issue about vlan assignment. > > so to sum up > > In my users file: > ############ > > doctor Cleartext-Password := "mypass" > cisco-avpair= "tunnel-type(#64)=VLAN(13)", > cisco-avpair= "tunnel-medium-type(#65) = 802 media(6)", > cisco-avpair= "tunnel-private-group-ID(#81) = 100", > > Session-Timeout = "28800", > Termination-Action = "RADIUS-Request" > > ####################### > > in my switch > -------------------- > aaa new-model > aaa authentication dot1x default group radius > aaa authorization network default group radius > > dot1x system-auth-control > > ! > interface FastEthernet0/24 => for successful authentication ( client is > wired there) > switchport access vlan 100 > switchport mode access > dot1x pae authenticator > dot1x port-control auto > dot1x auth-fail vlan 120 > spanning-tree portfast > > interface FastEthernet0/22 > switchport access vlan 120 > switchport mode access > spanning-tree portfast > ! > interface FastEthernet0/23 > switchport access vlan 120 > switchport mode access > spanning-tree portfast > > radius-server host x.x.x.x auth-port 1812 acct-port 1813 key miamiam > radius-server source-ports 1645-1646 > radius-server retransmit 5 > radius-server vsa send authentication > > --------------------------- > > > so the authentication for doctor is good in vlan 100, but if i change to > cisco-avpair= "tunnel-private-group-ID(#81) = 120", i'm stuck to vlan 100. > > Any noe can help me? > > thanks > > > > > > > > > 2010/3/4 Alan DeKok <al...@deployingradius.com> > > Jens Link wrote: >> > @Alan: I would document VMPS in some more detail in the wiki if my >> > access would be working. ;-) >> >> It seems to be fine now. >> >> Alan DeKok. >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> > >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html