At 11:13 AM 1/15/2003 +0200, Shmulenson, Eli (Eli) wrote:
Hi,Just for kicks, have you tried setting the tag to a non-zero value? Such
I'm using FreeRadius 0.8.1 on Linux RH 7.3.
I'm using EAP-MD5 with Windows XP client, trying to connect to an Avaya switch.
After the authentication, the XP clinet can access the network so the 802.1x auth process succeeded but the VLAN assigned to the port the client is connected to is incorrect.
After some investigation I found out that the switch complains that the Tunnel-Private-Group-Id packet that received is bad. In sniffer traces I saw that when the radius server is sending the Tunnel-Private-Group-Id attribute to the switch the TAG field is missing. All my attempts to force the radius server to send TAG (by using Tunnel-Private-Group-Id:0 in the users file and by has_tag parameter in the dictionary.tunnel file) came out with nothing.
Any ideas?
as Tunnel-Private-Group-Id:1? If you set all your tunnel attributes to
the same tag, it should work.
There is some ambiguity with the tag behaviour when the tag is set to 0,
so selecting a non-zero tag might allow you to avoid that and make the
switch happy.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless! \ Director, Engineering
| @ @ | \ http://www.starnetwx.net \ (847) 963-0116
oOo---(_)---oOo--\------------------------------------------------------
\ Wholesale Internet Services - http://www.megapop.net
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
