if I understand you correctly you wanna do this enable EAP on your Cisco switch; where all ports are in shutdown mode. a user on your XP box has a User Cert which is passed through EAP to your Freeradius box; the freeradius authenticates the user with his certificate "DN" etc. then instructes the switch to "no shut" the port and assign that port to a predefined VLAN you allocated for that user or other guest users in your database. i.e. if [ "cn=bla,ou=bla,dc=id10t,dc=net" == "match" }; then $vlan = 100; fi
let me know if you wanna do this as described above. and how did you get it to work with username and password? On Tue, Mar 25, 2008 at 7:23 AM, [EMAIL PROTECTED] < [EMAIL PROTECTED]> wrote: > Heya, > > i'm a bit stuck. My xp box should auth with ssl cert - works ok so > far. But how to assign vlan? > When doing this with user, i put my user + pass into users file - > works. But for ssl cert? > I want my xp box authentificated by ssl cert and after that, my user > should logon to "his" vlan. > So that i have a "protected" vlan for "my" boxes (to avoid giving > access to my auth server to > foreign notebooks) and after that, if someone of my users log in, he > will be transfered to > his vlan... > > hope you understand... > > Thanksalot! > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
