And you do inline mode on the guest vlan?
I think you should rely on MAB as the failover mechanism instead of the
guest vlan feature. It gives you much more flexibility.
On 2013-03-22 12:07 PM, Enrico Pasqualotto wrote:
I'm trying to do the same setup here in my lab, you can configure your
switch interfaces as 802.1x and if client don't support 802.1x or fail
auth put the interface in guest VLAN.
For my switch Catalyst 3650 the command is "dot1x guest-vlan 50" and
the complete config is:
switchport access vlan 1
switchport mode access
authentication event fail action authorize vlan 50
authentication event server dead action authorize vlan 50
authentication event no-response action authorize vlan 50
authentication event linksec fail action authorize vlan 50
authentication host-mode multi-domain
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer restart 10800
authentication timer reauthenticate 10800
mab ;optional
dot1x pae authenticator
dot1x timeout quiet-period 2
dot1x timeout tx-period 3
dot1x guest-vlan 50 ; important
Pasqu.
------------------------------------------------------------------------
Hi,
I have been trying to figure out if there is a way to bypass
captive portal for users who log onto their computers using a
domain account. So, non-domain computers and non-domain users
would be forced to the registration VLAN and register, while users
who log onto their computers using domain credentials would not be
trapped in the captive portal and would be able to access the
normal VLAN without registering ever. Is this possible? If so,
how would go about doing this?
Thanks!
--
--
Pasqualotto Enrico
cell. +39 3473292620
skype://epasqualotto :: http://www.linkedin.com/in/epasqualotto
http://www.netspin.it :: [email protected]
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_mar
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Francois Gaudreault
Architecte de Solution Cloud | Cloud Solutions Architect
[email protected]
514-629-6775
- - -
CloudOps
420 rue Guy
Montréal QC H3J 1S6
www.cloudops.com
@CloudOps_
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_mar
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
