Re: [PacketFence-users] Packetfence Portal Auth By Role / Vlan change on Aruba Controller.

Tue, 10 Jul 2018 16:45:56 -0700 

Not sure about Aruba Controller, but my experience with Aruba Switch 2530
showed that it requires an additional VSA in Radius request to toggle port
on/off.
Maybe controller also needs something like that..

вт, 10 лип. 2018 о 17:06 Diogo Rocha via PacketFence-users <
[email protected]> пише:

> Hi fabrice.
>
> My last mail was lost. its a second try.
>
> Follow reply.
>
> "What happen if you disconnect and reconnect the device on the ssid (or if
> you disconnect from the controller the mac address) ?
> Does the device go in the vlan 194 ?"
>
> Yes. If I force to disconnect device from the controller and reconnect
> without any change on authorization, device go in vlan 194 and get
> correctly IP.
>
> "Be sure to remove all the Role by vlan id blank."
>
> Sorry don't understand, my role by vlan is unchecked. Even checked, the
> reply from radius don't change (tested by tcpdump).
>
>  I'm using second choice for switch config on web gui (by role). Do I have
> to check the box for vlan id too? What roles by vlan, and where I have to
> remove?
>
> I saw that if I use by role, options by vlan are automatically disable.
> Wrong?
>
>
>
> Btw i made a test today.
>
> I turned off COA, and some attributes were sent by radius reply. Using
> "private tunnel id", I could create a server rule for server group on
> controller and force to set a vlan id 194.
>
> After these changes, some devices could change IP automatically but
> another devices didn't. I don't know why. I can see the new vlan associated
> for device  but ip dindt change without release/renew manually.
>
> This test was to confirm configuration for network and roles. I think
> using COA, controller don't understand when it have to disconnect devices
> for reauth in new role.
>
> Do you have any idea for me?
>
>
>
> Tks
>
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>


-- 
З повагою,
         Михайло

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to