VS: Freeradius dot1x dynamic vlan

Heikki Lavaste heikki.lavaste at hotmail.com
Fri Sep 28 16:49:40 CEST 2018 

Hi Alan ,

Thank you for a quick reply.
Works now.

Kind Regards

Heikki Lavaste
________________________________
Lähettäjä: Freeradius-Users <freeradius-users-bounces+heikki.lavaste=hotmail.com at lists.freeradius.org> käyttäjän Alan DeKok <aland at deployingradius.com> puolesta
Lähetetty: perjantai 28. syyskuuta 2018 15.25
Vastaanottaja: FreeRadius users mailing list
Aihe: Re: Freeradius dot1x dynamic vlan


On Sep 28, 2018, at 9:59 AM, Heikki Lavaste <heikki.lavaste at hotmail.com> wrote:
> What I'm trying to do is to get freeradius to return the vlan for authenticated user.
> User does get authenticated but no vlan is returned. If I add
>
> update reply {
>
>                  &Tunnel-Medium-Type := "IEEE-802"
>                 &Tunnel-Type := "VLAN"
>                 &Tunnel-Private-Group-Id := "100"
>
> everything works. Is there a way of just returning what is listed under the user?

  Yes.  That's the default.

>   Fri Sep 28 14:54:29 2018 : Debug: Server was built with:

  Please don't use "radiusd -Xx".  Follow the documentation:

https://wiki.feeradius.org/list-help/

> Fri Sep 28 14:54:44 2018 : Debug: (8) eap_peap: Got tunneled reply code 11
> Fri Sep 28 14:54:44 2018 : Debug: (8) eap_peap:   Service-Type = Framed-User
> Fri Sep 28 14:54:44 2018 : Debug: (8) eap_peap:   Tunnel-Type = VLAN
> Fri Sep 28 14:54:44 2018 : Debug: (8) eap_peap:   Tunnel-Medium-Type = IEEE-802
> Fri Sep 28 14:54:44 2018 : Debug: (8) eap_peap:   Tunnel-Private-Group-Id = "100"

  Which has the VLAN.  But it's for the *inner-tunnel*.
> ...
> Fri Sep 28 14:54:44 2018 : Debug: (10) Sent Access-Accept Id 167 from 10.24.28.195:1812 to 172.28.14.103:58252 length 0
> Fri Sep 28 14:54:44 2018 : Debug: (10)   MS-MPPE-Recv-Key = 0xffaaaefd3eda2dd4fbc9bf2df8a2697548ba63f8eb4f4f119d2f51be40cd093d
> Fri Sep 28 14:54:44 2018 : Debug: (10)   MS-MPPE-Send-Key = 0x0fb34fe01b9d953baf5787a9587b074d9d89c6dd5d8c0ada12fec1147efa412b
> Fri Sep 28 14:54:44 2018 : Debug: (10)   EAP-Message = 0x030b0004
> Fri Sep 28 14:54:44 2018 : Debug: (10)   Message-Authenticator = 0x00000000000000000000000000000000
> Fri Sep 28 14:54:44 2018 : Debug: (10)   User-Name = "heikki"

  Which is a different packet - (10), not (8).

  Read mods-available/eap.  See the "peap" subsection.  And then "use_tunneled_reply".

  Alan DeKok.



-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list