Re: [PacketFence-users] VLAN Assignment

[Durand fabrice via PacketFence-users]

Hello Rana,

my answer below.
Le 2018-02-15 à 04:03, Rana, Vijaykumar via PacketFence-users a écrit :

Hello,

I have a Dell S3048ON Switch, on which I have some VLANs configured 
and also I have configured 802.1X on a port which is connected to a 
local machine. The switch configuration on the interface looks like below:

no ip address

switchport

no snmp trap link-status

spanning-tree rstp edge-port

dot1x authentication

dot1x tx-period 3

dot1x quiet-period 2

no shutdown

Now the Packetfence(on a sever machine) handles this switch and I have 
added its properties in the switch and I am able to authenticate a 
local machine based on the user I created in the Users Tab from 
Packetfence web interface.

I have specified the Role Mapping by Vlan ID on Switch config on 
Packetfence and it looks like below:

Role by VLAN ID

Registration             10

isolation                      -

macDetection             4

inline                          -

default                        2

guest                           10

gaming                        -

voice                           -

REJECT                     -1

The enforcement on Packetfence is configured as VLAN-Enforcement.

Now I want to have three scenarios:

1) VLAN assignment (VLAN 10) before authentication for local machine

The switch must support that and i am not sure that Dell do it.

2) VLAN assignment (VLAN 2) on successful authentication

3) VLAN assignment (VLAN -1 i.e., REJECT) on authentication failure

If the authentication is failure then radius will answer an access 
reject for 802.1x.

I have been successful for second scenario. But for 1^st and 3^rd 
scenario VLAN-Assignment doesn’t take place. So what else do I need to 
configure? I went through the administration guide but still I am not 
able to come across any solution.

Thank you.

Best regards,

Vijaykumar Rana


Regards
Fabrice


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot


_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users