What I did: I created a Vlan_1 role and a Vlan_2 role.
In switches, I assigned vlan id 1 to role Vlan_1 and vlan id 2 to role Vlan_2. I then created an internal AD source, and made a rule with this condition : memberOf is member of VLAN1 Action : set the role vlan_1 access time 5 days Same for vlan2. Then in portal profiles : Filter: MySwitch Sources: MY_AD But it looks like the rules in the source do not apply. In the radius logs, I get denied access for the machine that connects to the switch if I haven't enabled automatic device registration in the portable profile. If I enable it, I always get the registration role and the vlan ID corresponding to this role in the role section of the switch. And one more thing. Is it possible to automatically assign a vlan without the user having to log in manually? Thanks for your answer ________________________________ De : Durand fabrice <fdur...@inverse.ca> Envoyé : mercredi, 10 mars 2021 02:10:40 À : Robin Cortat; packetfence-users@lists.sourceforge.net Objet : Re: [PacketFence-users] VLANs assignation for HP Procurve 2824 switch Can you share what you configure on the switch ? Do you see anything in the radius.log file ? Le 21-03-09 à 08 h 25, Robin Cortat a écrit : Precisely and simply, this is what I want to do: A device plugs into the switch; is this device part of my AD? If yes, it joins my company VLAN, if not, it joins an isolation VLAN. I really need your help because this is an important and decisive project for me. I think the problem is that I don't know exactly how and what commands I need to perform on my switch and in packetfence to achieve this. Thank you in advance for your answer. [rcortat]<http://www.imageson.ch/> [logoBNJ]<http://www.bnjpublicite.ch/> [logoRJB]<http://www.rjb.ch/> [logoRTN]<http://www.rtn.ch/> [logoRFJ]<http://www.rfj.ch/> [logoGRRIF]<http://www.grrif.ch/> [https://medias.bnj.ch/Mails/Common/isFooter.jpg]<https://redir.bnj.ch/site/IS> De : Robin Cortat Envoyé : mardi, 9 mars 2021 07:15 À : 'packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>' <packetfence-users@lists.sourceforge.net><mailto:packetfence-users@lists.sourceforge.net> Cc : Durand fabrice <fdur...@inverse.ca><mailto:fdur...@inverse.ca> Objet : RE: [PacketFence-users] VLANs assignation for HP Procurve 2824 switch Hello, Theoretically, there are 2 VLANs on the switch. I followed the Network Devices Configuration Guide to configure my switch, the HP ProCurve 2500 Series chapter. On PacketFence, I linked my AD and added my switch. I created a connection profile saying that if the device that plugs into my switch was part of the AD, it would be on VLAN 1, and if it wasn't, it would be on VLAN 2. But there is no indication that it works. Is what I did theoretically correct? De : Durand fabrice via PacketFence-users <packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>> Envoyé : mardi, 9 mars 2021 02:53 À : packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net> Cc : Durand fabrice <fdur...@inverse.ca<mailto:fdur...@inverse.ca>> Objet : Re: [PacketFence-users] VLANs assignation for HP Procurve 2824 switch Hello Robin, what is the configuration you applied on the switch ? What have been done on the packetfence side ? Do you have any logs ? Regards Fabrice Le 21-03-08 à 10 h 15, Robin Cortat via PacketFence-users a écrit : Hello, I use an HP ProCurve 2824 switch, and the only thing I would like to do with PacketFence is to assign VLANs to devices that would connect to the switch based on authentication rules. Unfortunately, after hours and hours of reading documentation and testing, I did not get what I wanted. Isn't there a simple way to achieve this solution? Thank you very much for your answer. _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
