I need to configure static IP for the WinXP supplicant from the FreeRadius
through a Cisco 3550 switch.
I don't know what I'm missing!!! All the authentication works correct with
EAP MD5, the only think that fails is de assignement of the user IP. My
users file looks like this:
user Auth-Type := EAP, User-Password == "userpsw"
Reply-Message = "Hi user!!!",
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 33.33.33.2,
Framed-IP-Netmask = 255.255.255.0,
Framed-Filter-Id = "169.in",
Tunnel-Type = VLAN,
Tunnel-Mediu-Type = 6,
Tunnel-Private-Group-Id = uservlan
And the switch with the 12.1(19c)EA1a IOS version configuration is:
Current configuration : 2944 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
aaa new-model
aaa authentication dot1x default group radius
aaa authorization network default group radius
...
dot1x system-auth-control
...
!
interface FastEthernet0/1
switchport mode access
no ip address
dot1x port-control auto
dot1x guest-vlan 2
spanning-tree portfast
!
...
!
interface Vlan1
ip address 33.33.33.1 255.255.255.0
!
interface Vlan2
ip address 11.11.11.1 255.255.255.0
!
interface Vlan3
ip address 69.69.69.1 255.255.255.0
!
ip classless
ip http server
!
!
access-list 69 deny 33.33.33.2
access-list 169 permit tcp any any eq pop2
radius-server host 33.33.33.3 auth-port 1812 acct-port 1813 key pepe
radius-server retransmit 3
...
And the TCP/IP protocol configuration in the WinXP to obtaining IP address
dynamically.
I think that I miss something in the freeradius configuration but outside
of the users file. Anybody knows what?
Thanks and sorry for the English level!!!
Albert
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
