freeradius auto-vlan 3com switch 4500G

[Philippe Breton <pbreton@wustl.edu>]

Title: VLAN assignment using Windows 2000 Server, Internet Authenticat

HI,

Has anyone successfully implemented auto-vlan with 3Com switch 4500G?
 
I am using the following tunneling attributes:

ATTRIBUTE    Tunnel-Type               64    integer    has_tag
ATTRIBUTE    Tunnel-Medium-Type        65    integer    has_tag
ATTRIBUTE    Tunnel-Private-Group-Id   81    string    has_tag
VALUE        Tunnel-Type               VLAN    13
VALUE        Tunnel-Medium-Type        TMT802        6

The node is declared as followed:

##IT Dell Inspiron 4000 laptop -- DHCP
00-09-5b-61-52-0d  Auth-Type := Local, User-Password == "00-09-5b-61-52-0d"
                   Tunnel-Medium-Type = TMT802,
                   Tunnel-Private-Group-id = 2,
                   Tunnel-Type = VLAN,

Although my radius access request shows that the access has been granted and the VLAN 2 assigned, the switch 4500G does not open its port on VLAN 2.

I changed the tunnel-medium-type between TMT802 and 802, but that did not change anything.

I am currently doing auto-vlan with 3com 4400 with the same configuration and it is working like a charm. Any idea why the switch does automatically adjust?

Any beginning of information is welcome.

Thanks,

Philippe


RADIUS ACCESS_REQUEST LOG
rad_recv: Access-Request packet from host 172.20.181.201:1024, id=41, length=126
        User-Name = "00-09-5b-61-52-0d"
        User-Password = "00-09-5b-61-52-0d"
        NAS-IP-Address = 172.20.181.201
        NAS-Identifier = "4500G"
        NAS-Port = 16809985
        NAS-Port-Type = Ethernet
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Calling-Station-Id = "0009-5b61-520d"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: No '@' in User-Name = "00-09-5b-61-52-0d", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 0
    users: Matched entry 00-09-5b-61-52-0d at line 2
  modcall[authorize]: module "files" returns ok for request 0
modcall: leaving group authorize (returns ok) for request 0
  rad_check_password:  Found Auth-Type Local
auth: type Local
auth: user supplied User-Password matches local User-Password
Login OK: [00-09-5b-61-52-0d] (from client switch201 port 16809985 cli 0009-5b61-520d)
Sending Access-Accept of id 41 to 172.20.181.201 port 1024
        Tunnel-Medium-Type:0 = TMT802
        Tunnel-Private-Group-Id:0 = "2u"
        Tunnel-Type:0 = VLAN
Finished request 0

begin:vcard
fn:Philippe Breton
n:Breton;Philippe
org:Washington Univ. in St. Louis;Molecular Biology & Pharmacology
adr;dom:Campus Box 8103;;660 S. Euclid Ave.;St. Louis;MO;63110
email;internet:pbreton@wustl.edu
title:Systems Manager
tel;work:314-747-2968
tel;pager:314-419-2124 or 3144192124@myairmail.com
x-mozilla-html:TRUE
version:2.1
end:vcard