Hi everyone,
I've set up a FreeRADIUS-Installation v1.0.2 for testing with EAP-TLS
authent.
to provide dynamic VLAN-IDs to a HP 2524-Switch (Firmware 05.22). We
have set
the switch to HP's "Open VLAN-Mode".
If authentication is sucessfull, the switch puts the port in the correct
"auth,
but no VLAN-ID provided"-VLAN, but if we provide a VLAN-ID too, it just
ignores it.
Can anyone give me a some help ?
Config :
--snip--users-File--
#"testuser" Service-Type == Framed-User
# Tunnel-Media = IEEE-802,a
# Tunnel-Private-Group-Id = 5,
# Tunnel-Type = VLAN
"testuser" Service-Type == Framed-User
Tunnel-Type += 13,
Tunnel-Media += 6,
Tunnel-Private-Group-Id += 5,
--snip--Switch-Config--
vlan 1
name "Admin_VLAN"
untagged 1-26
ip address 192.168.0.5 255.255.255.0
exit
vlan 2
name "Gast"
exit
vlan 3
name "Lehrer_1"
exit
vlan 4
name "Lehrer_2"
exit
vlan 5
name "Schueler_1"
exit
vlan 6
name "Schueler_2"
exit
aaa authentication port-access eap-radius
radius-server host 192.168.0.1 key test123
primary-vlan 2
management-vlan 1
aaa port-access authenticator active
aaa port-access authenticator 1-23
aaa port-access authenticator 1-23 auth-vid 3
aaa port-access authenticator 1-23 unauth-vid 2
password manager
password operator
The command "show authentication" says "Port-Access | EapRadius"
also no hint for me:
ProCurve Switch 2524# show radius host 192.168.0.1
Status and Counters - RADIUS Server Information
Server IP Addr : 192.168.0.1
Authentication UDP Port : 1812 Accounting UDP Port : 1813
Round Trip Time : 5 Round Trip Time : 0
Pending Requests : 0 Pending Requests : 0
Retransmissions : 1 Retransmissions : 0
Timeouts : 1 Timeouts : 0
Malformed Responses : 0 Malformed Responses : 0
Bad Authenticators : 0 Bad Authenticators : 0
Unknown Types : 0 Unknown Types : 0
Packets Dropped : 1 Packets Dropped : 0
Access Requests : 80 Accounting Requests : 0
Access Challenges : 70 Accounting Responses : 0
Access Accepts : 10
Access Rejects : 0
Thank You !
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
