Yes, I use inline mode for guest VLAN.
Now I got 802.1X => MAB => guest VLAN, without guest vlan (with MAB) I must
check all guests that come into the office . Isn't it?
Enrico.
----- Messaggio originale -----
> And you do inline mode on the guest vlan?
> I think you should rely on MAB as the failover mechanism instead of
> the guest vlan feature. It gives you much more flexibility.
> On 2013-03-22 12:07 PM, Enrico Pasqualotto wrote:
> > I'm trying to do the same setup here in my lab, you can configure
> > your switch interfaces as 802.1x and if client don't support 802.1x
> > or fail auth put the interface in guest VLAN.
>
> > For my switch Catalyst 3650 the command is "dot1x guest-vlan 50"
> > and
> > the complete config is:
>
> > switchport access vlan 1
>
> > switchport mode access
>
> > authentication event fail action authorize vlan 50
>
> > authentication event server dead action authorize vlan 50
>
> > authentication event no-response action authorize vlan 50
>
> > authentication event linksec fail action authorize vlan 50
>
> > authentication host-mode multi-domain
>
> > authentication order dot1x mab
>
> > authentication priority dot1x mab
>
> > authentication port-control auto
>
> > authentication periodic
>
> > authentication timer restart 10800
>
> > authentication timer reauthenticate 10800
>
> > mab ;optional
>
> > dot1x pae authenticator
>
> > dot1x timeout quiet-period 2
>
> > dot1x timeout tx-period 3
>
> > dot1x guest-vlan 50 ; important
>
> > Pasqu.
>
> > ----- Messaggio originale -----
>
> > > Hi,
> >
>
> > > I have been trying to figure out if there is a way to bypass
> > > captive
> > > portal for users who log onto their computers using a domain
> > > account. So, non-domain computers and non-domain users would be
> > > forced to the registration VLAN and register, while users who log
> > > onto their computers using domain credentials would not be
> > > trapped
> > > in the captive portal and would be able to access the normal VLAN
> > > without registering ever. Is this possible? If so, how would go
> > > about doing this?
> >
>
> > > Thanks!
> >
>
> > --
>
> > --
>
> > Pasqualotto Enrico
>
> > cell. +39 3473292620
>
> > skype://epasqualotto :: http://www.linkedin.com/in/epasqualotto
>
> > http://www.netspin.it :: [email protected]
>
> > ------------------------------------------------------------------------------
>
> > Everyone hates slow websites. So do we.
>
> > Make your web apps faster with AppDynamics
>
> > Download AppDynamics Lite for free today:
> > http://p.sf.net/sfu/appdyn_d2d_mar
>
> > _______________________________________________
>
> > PacketFence-users mailing list
> > [email protected]
> > https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
> --
> Francois Gaudreault
> Architecte de Solution Cloud | Cloud Solutions Architect
> [email protected] 514-629-6775
> - - -
> CloudOps
> 420 rue Guy
> Montréal QC H3J 1S6 www.cloudops.com @CloudOps_
--
--
Pasqualotto Enrico
cell. +39 3473292620
skype://epasqualotto :: http://www.linkedin.com/in/epasqualotto
http://www.netspin.it :: [email protected]
------------------------------------------------------------------------------
Own the Future-Intel® Level Up Game Demo Contest 2013
Rise to greatness in Intel's independent game demo contest.
Compete for recognition, cash, and the chance to get your game
on Steam. $5K grand prize plus 10 genre and skill prizes.
Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
