ok, it works now.
it was Tunnel-Medium-type = IEEE-802 instead of 802 only.
Now i can assign the sucessfull authenticated VLAN.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
this is my show logging on my switch, means that the switch doesn't receive
a radius vlan attribute:
Log Buffer (4096 bytes):
Recv-Key [17] 52 *
02:13:40: RADIUS: Vendor, Microsoft [26] 58
02:13:40: RADIUS: MS-MPPE-Send-Key [16] 52 *
02:13:40: RADIUS: EAP-Message [79] 6
02:
yet
} # server inner-tunnel
[peap] Got tunneled reply code 2
Service-Type = Framed-User
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = 802
Tunnel-Private-Group-Id:0 = "120"
EAP-Message = 0x030b0004
Message-Authenticator = 0x
User-Name = "lin
means vlan is not communicated between the
freeradius and switch, but we don't know why
2010/3/4 omega bk
> hello,
>
> still with the same issue about vlan assignment.
>
> so to sum up
>
> In my users file:
>
>
> doctorCleartext-Password := "mypass"
> cisco
hello,
still with the same issue about vlan assignment.
so to sum up
In my users file:
doctorCleartext-Password := "mypass"
cisco-avpair= "tunnel-type(#64)=VLAN(13)",
cisco-avpair= "tunnel-medium-type(#65) = 802 media(6)",
cis
Jens Link wrote:
> @Alan: I would document VMPS in some more detail in the wiki if my
> access would be working. ;-)
It seems to be fine now.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Wed, Mar 3, 2010 at 10:44 AM, Phil Mayers wrote:
>> but how to set the fail VLAN and guest VLAN to Y ???
>
> Setting the "Fail" and "Guest" VLAN by radius doesn't make any sense.
>
> The "Fail" vlan is what to use when the radius server is unavailable.
>
> The "Guest" vlan is what to do when th
On 03/03/2010 03:01 PM, omega bk wrote:
2) " set the switch to use RADIUS return attributes for VLAN (and for
session time etc)
and set the fail VLAN and guest VLAN to Y" => that's really what i want
to do so in my users file
myuser Cleartext-Password := "user"
Tunnel-
2) " set the switch to use RADIUS return attributes for VLAN (and for
session time etc)
and set the fail VLAN and guest VLAN to Y" => that's really what i want to
do so in my users file
myuser Cleartext-Password := "user"
Tunnel-type = VLAN,
Tunnel-Medi
Am Mittwoch, 3. März 2010 15:45:56 schrieb omega bk:
> in fact,
>
> i got my client wired with winxp and authentication works well in 802.1x
> this client is connected directly in my switch trough vlan3
>
> i would like dynamically assign a successfull authentication trough vlan2
> and faillure aut
Hi,
> Hello,
>
> so i would like to redirect my winxp authenticated to VLAN1 and if not
> authenticated , this client must be in vlan2
>
> i got a switch cisco
>
> so how to handla this with freeradius?
read the cisco docs on dealing with 802.1X.
you should never use VLAN1 for users - most w
in fact,
i got my client wired with winxp and authentication works well in 802.1x
this client is connected directly in my switch trough vlan3
i would like dynamically assign a successfull authentication trough vlan2
and faillure authentication to vlan1
autthentication is based in users file (not
Am Mittwoch, 3. März 2010 15:34:56 schrieb Jens Link:
> omega bk writes:
>
> Hi,
>
> > so i would like to redirect my winxp authenticated to VLAN1 and if not
> > authenticated , this client must be in vlan2
> >
> > i got a switch cisco
> >
> > so how to handla this with freeradius?
>
> Depends on
omega bk writes:
Hi,
> so i would like to redirect my winxp authenticated to VLAN1 and if not
> authenticated , this client must be in vlan2
>
> i got a switch cisco
>
> so how to handla this with freeradius?
Depends on how you do the authentication:
Using certificates (either machine based o
14 matches
Mail list logo