Using freeradius and 802.1x for dynamic VLAN

lvizcardof at unsa.edu.pe lvizcardof at unsa.edu.pe
Thu Oct 11 21:45:58 CEST 2007


Hello,
I use version freeradius-1.0.4-1.FC4.1 on a Linux PC running Fedora Core 4. This radius server authenticates the user based on his login and key; if the information is correct, the radius server must send the user to VLAN 2, according to the configuration in the users file of the radius server. This is the configuration in the users file of the radius server:

*****************************************************************

carlos  Auth-Type := EAP, User-Password == "carlos"
         Service-Type = Framed-User,
         Tunne-type = VLAN,
         Tunnel-medium-type = IEEE-802,
         Tunnel-Private-Group-Id = 2

*****************************************************************

I have the following problem. When I authenticate the user with login and key, it sends him by default to VLAN 1.
I have a DELL PowerConnect 5324 switch. On this switch I have configured the ports for 802.1x and I have two VLANs: vlan 2 and vlan 3.
This is the whole configuration of my switch:

*****************************************************************

console# show running-config
vlan database
vlan 2-3
exit
interface ethernet g1
switchport access vlan 2
exit
dot1x system-auth-control
interface range ethernet g(7-10)
dot1x port-control auto
exit
interface range ethernet g(7-10)
dot1x re-authentication
exit
interface vlan 2
ip address 10.20.10.253 255.255.255.0
exit
interface vlan 3
ip address 192.168.2.253 255.255.255.0
exit
ip default-gateway 10.20.10.1
radius-server host 10.20.10.13 auth-port  1645 timeout  3
radius-server key misecreto
aaa authentication dot1x default radius
username admin password 7d8c9c8b116cdfe3fb091f4c1ac684de level 15 encrypted

*****************************************

The problem that I have is that when I authenticate the user with his login and key, the radius server sends the user to VLAN 1. What can I do so that the radius server sends the user to the VLAN that I select? In this case it is VLAN 2. I think that. I have reviewed all the information about how to configure the radius server, but I don't know what more to do.

Do you have an idea of how I can solve this problem?

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
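
Added example, not part of the original post and not FreeRADIUS code: a small Python check that a users-file entry carries the three reply attributes RFC 3580 defines for VLAN assignment, run over the entry as quoted in the message. The function names and the corrected entry are assumptions made for this example.

```python
import difflib
import re

# RFC 3580 (section 3.31) VLAN assignment: reply attributes and accepted values.
REQUIRED = {
    "tunnel-type": {"VLAN", "13"},
    "tunnel-medium-type": {"IEEE-802", "6"},
    "tunnel-private-group-id": None,   # the VLAN ID; any non-empty value
}
ITEM = re.compile(r'\s+([\w-]+)\s*(?::=|\+=|=)\s*"?([^",]*?)"?\s*,?\s*$')

# Entry as quoted in the message above.
PAGE_ENTRY = '''\
carlos  Auth-Type := EAP, User-Password == "carlos"
         Service-Type = Framed-User,
         Tunne-type = VLAN,
         Tunnel-medium-type = IEEE-802,
         Tunnel-Private-Group-Id = 2
'''
# Hypothetical corrected spelling, constructed for this example.
FIXED_ENTRY = PAGE_ENTRY.replace("Tunne-type", "Tunnel-Type")

def parse_reply_items(entry):
    """Map lower-cased attribute name -> value for the indented reply lines."""
    items = {}
    for line in entry.splitlines()[1:]:   # line 1 holds the check items
        m = ITEM.match(line)
        if m:
            items[m.group(1).lower()] = m.group(2)
    return items

def check_vlan_reply(entry):
    """Return a list of problems with the VLAN reply attributes (empty if none)."""
    items = parse_reply_items(entry)
    others = [k for k in items if k not in REQUIRED]
    problems = []
    for attr, allowed in REQUIRED.items():
        value = items.get(attr)
        if value is None:
            near = difflib.get_close_matches(attr, others, n=1, cutoff=0.8)
            hint = f" (found '{near[0]}', possible misspelling)" if near else ""
            problems.append(f"missing {attr}{hint}")
        elif not value or (allowed and value.upper() not in allowed):
            problems.append(f"unexpected value for {attr}: '{value}'")
    return problems

if __name__ == "__main__":
    for name, entry in (("as posted", PAGE_ENTRY), ("corrected", FIXED_ENTRY)):
        print(name, "->", check_vlan_reply(entry) or "ok")
```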




