Dynamic VLAN Assignment

fsdfsf fsdfdsf xyzzyxxyzxoyx at gmail.com
Mon Apr 22 15:46:59 CEST 2019


I'm running CentOS 7 version 3.0.13-9 of Freeradius which is my networks
router with 2 users (resident, and guest). I have a wireless access point
where WPA2-enterprise security is set up as a NAS. On my router (RADIUS
server), I have a VLAN interface setup with a IP address within the subnet
where I want specific users to have a dynamically assigned IP address. I
also have DHCPD setup listening on the VLAN interface with the pool of IPs
that will be dynamically assigned to those users.

I currently have the users configuration file setup like so:

guest          Cleartext-Password := "password"
               Service-Type = Framed-User,
               Tunnel-Type = "VLAN",
               Tunnel-Medium-Type = "802",
               Tunnel-Private-Group-ID = "192"

The Tunnel-Private-Group-ID value being the VLAN ID I configured on the
RADIUS / router.

In the mods-enabled/eap configuration I've also enabled the
"use_tunneled_reply = yes" option.

My expectation or rather my desired outcome is to have any clients that
login using the guest account to have a dynamically assigned IP address
from the DHCPD instance that's listening on the VLAN interface, however the
outcome is that they're being assigned IPs from the VLAN's parent
interface. I'm sort of a noob with radius and apologize if I've misplaced
something. Does anyone have any ideas on why I may be getting this outcome?


More information about the Freeradius-Users mailing list