Hello there, Multiple things that you can verify.
1. Make sure in Auditing that the radius reply for that Mac address contain the Tunnel-Private-Group-Id = “1" 2. Re-check if the radius CoA is correctly configured to disconnect user (radius dynamic authorization) 3. Show us your configuration / logs related to that authentication. Thanks, Ludovic Zammit Product Support Engineer Principal Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us: <https://community.akamai.com/> <http://blogs.akamai.com/> <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> <http://www.linkedin.com/company/akamai-technologies> <http://www.youtube.com/user/akamaitechnologies?feature=results_main> > On Jul 6, 2021, at 3:51 AM, Thapeli Matsabu via PacketFence-users > <packetfence-users@lists.sourceforge.net> wrote: > > Hi all, > I have been through this mailing trying to find if someone had this problem > before, but I could not find anything similar. > > I am trying to configure VLAN Enforcement with MAC address authentication: > I am using Cisco 2950 with PF 10 on Centos 7 > I have configured 4 networks: see network.conf attached > Management and Normal– default VLAN (1) > Registration – VLAN 2 > Isolation – VLAN 3 > MAC detection – VLAN 4 (no configured on PF, only on the router) > I have configured my router and PF can see and manage the VLANs. See my > router config attached > I have manually registered a device on PF > I want to manually register devices and all registered devices should go to > VLAN 1 (Normal and management) and unregistered devices to just sit in > registration VLAN, and in future registered devices that does not meet the > requirements to go to ISOLATION VLAN. > > My problem is that when I connect a device to port 16, it get stuck in VLAN 2 > and it never gets moved to VLAN 1, which is my default VLAN, even though on > PF the device is already registered. If I connect to any other port, it get > moved to VLA 1 even if it’s not registered. > > > > Regards, > > <image003.jpg> > > > > > <pf.conf><networks.conf><switches.conf><cisco > config.txt>_______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > <mailto:PacketFence-users@lists.sourceforge.net> > https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!ACAuMID8HF8M7MWrECip8SKCJsDnEDPVqDheOMjtajjM5b2OVVoVmgtKHao_CfOi$ > > <https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!ACAuMID8HF8M7MWrECip8SKCJsDnEDPVqDheOMjtajjM5b2OVVoVmgtKHao_CfOi$>
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
