Hello, In fact you want to Accept or deny in radius and fallback in guest if it's a deny answer. Before the answer, the port is closed. All depend of your switch model. I have a switch model than work as I said before and a lot of cisco switch than have the dynamic vlan assignement and acl feature as you say. Regards
Le mardi 26 mars 2019, Thiago Alves via PacketFence-users < [email protected]> a écrit : > Hi! > > First of all, thanks for the tool, it looks really promising. > > Well, my cenario is the following: > > I have wireless and wired networks on my company. The wireless already > works with 802.1x with NPS and such. What i`m trying to do is to apply > 802.1x to the wired network. > > My Packetfence is hosted on our public cloud on Google, just like my > active directory servers, they are on the same subnet. Already joined the > domain with the packetfence server. > > So, what i need is: > > Everyone who connects into my wired lan drops into a Guest VLAN. From that > VLAN, domain joined machines or not, should be using 802.1x to > authenticate. When you authenticate, packefence should change the VLAN of > the user into our "production VLANS", the same VLANS we use on wireless, > that are set up by Active Directory groups. > > Is that possible? I just need to 802.1x work into my wired lan, and > nothing else. > What i need to do? I've been searching for 2 days and dont know where to > start. > > Thanks in advance > > -- > <http://hyperurl.co/ifoodappsign> > > Thiago Alves > > *Infraestrutura* > > Tel: +55 (11) 3634-3360 > www.ifood.com.br > <https://www.facebook.com/iFood?fref=ts> <https://twitter.com/iFood> > <https://www.instagram.com/iFoodBrasil/> <https://www.youtube.com/ifood> >
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
