Hi everyone, I've set up a FreeRADIUS-Installation v1.0.2 for testing with EAP-TLS authent. to provide dynamic VLAN-IDs to a HP 2524-Switch (Firmware 05.22). We have set the switch to HP's "Open VLAN-Mode". If authentication is sucessfull, the switch puts the port in the correct "auth, but no VLAN-ID provided"-VLAN, but if we provide a VLAN-ID too, it just ignores it.
Can anyone give me a some help ? Config : --snip--users-File-- #"testuser" Service-Type == Framed-User # Tunnel-Media = IEEE-802,a # Tunnel-Private-Group-Id = 5, # Tunnel-Type = VLAN "testuser" Service-Type == Framed-User Tunnel-Type += 13, Tunnel-Media += 6, Tunnel-Private-Group-Id += 5, --snip--Switch-Config-- vlan 1 name "Admin_VLAN" untagged 1-26 ip address 192.168.0.5 255.255.255.0 exit vlan 2 name "Gast" exit vlan 3 name "Lehrer_1" exit vlan 4 name "Lehrer_2" exit vlan 5 name "Schueler_1" exit vlan 6 name "Schueler_2" exit aaa authentication port-access eap-radius radius-server host 192.168.0.1 key test123 primary-vlan 2 management-vlan 1 aaa port-access authenticator active aaa port-access authenticator 1-23 aaa port-access authenticator 1-23 auth-vid 3 aaa port-access authenticator 1-23 unauth-vid 2 password manager password operator The command "show authentication" says "Port-Access | EapRadius" also no hint for me: ProCurve Switch 2524# show radius host 192.168.0.1 Status and Counters - RADIUS Server Information Server IP Addr : 192.168.0.1 Authentication UDP Port : 1812 Accounting UDP Port : 1813 Round Trip Time : 5 Round Trip Time : 0 Pending Requests : 0 Pending Requests : 0 Retransmissions : 1 Retransmissions : 0 Timeouts : 1 Timeouts : 0 Malformed Responses : 0 Malformed Responses : 0 Bad Authenticators : 0 Bad Authenticators : 0 Unknown Types : 0 Unknown Types : 0 Packets Dropped : 1 Packets Dropped : 0 Access Requests : 80 Accounting Requests : 0 Access Challenges : 70 Accounting Responses : 0 Access Accepts : 10 Access Rejects : 0 Thank You ! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html