Le 19/03/2014 18:25, denis bonnenfant a écrit : > Hello, > > I tested an unsupported Cisco AP541, as Cisco's documentation claims > that it supports radius dynamic Vlans on VAP. > > It works (almost) perfectly in WPA/802.1x (ttls or peap) radius/ldap, > regardless which module was selected in switches.conf. > > The only issue is that wireless device has to be disconnected for the > vlan change to be effective. > I tried many modules (hostapd, cisco aironet, aruba...), but it doesn't > help. > > > The Ap OS is a Hostap-like Linux, and from the documentation it seems > that Vlan assignement can be made via snmp : > > Mib : > iso(1).org(3).dod(6).internet(1).private(4).enterprises(1).lvl7(6132).lvl7Products(1).fa > stPath(1).fastPathWLANAP(28) > > I investigated a little bit further, and found that hostap_cli command doesn't exists on this system, so telnet cli is not and option for deauthentication.
It seems that a custom snmp agent is used. Unfortunately, there is no documented MIB. Snmpwalk shows lots of things, but it is completely different from the examples in Cisco's doc. It will be difficult to find how to deauthenticate... Any advices ? Thanks Denis Bonnenfant ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/13534_NeoTech _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
