freeradius auto-vlan 3com switch 4500G
Philippe Breton
pbreton at wustl.edu
Sun Nov 11 18:27:34 CET 2007
On Sun, 2007-11-11 at 17:37 +0100, Krzysztof Olędzki wrote:
> On 2007-11-10 17:30, Philippe Breton wrote:
> >> Did you setup your switch properly:
> >>
> >> domain (...)
> >> vlan-assignment-mode string
> >
> > Hard to give a 100% answer on this question. I believe I did with the
> > help of 3com support.
>
> This is the most important part. Please make sure it is set up (display
> current-configuration).
... I agree with you. The 4500G is new to me. I believe I got it right.
One important fact to keep in mind is the semantic is a litle different
between the 5500g and 4500G, i.e. what's in this doc does not apply in
the 4500G
http://www.3com.hu/download/switch_radius_setup.doc/switch_radius_setup.doc
This is my current config:
(Thanks for you comments about the 3870. What do you use?)
=============================================================================
4500G]display current-configuration
#
sysname 4500G
#
info-center source 8021X channel 0
info-center source MACAUTH channel 0
info-center source VLAN channel 0
undo info-center source default channel 0
info-center source default channel 1 log level debugging
info-center source MACAUTH channel 9 log level debugging
info-center loghost source Vlan-interface1
info-center loghost 172.20.181.220 facility local1
#
domain default enable system
#
local-server nas-ip 127.0.0.1 key 3com
#
telnet server enable
#
undo cluster enable
#
MAC-authentication
MAC-authentication domain wustl.edu
#
igmp-snooping
#
vlan 1
description VLAN172
igmp-snooping enable
#
vlan 2
description VLAN181
#
radius scheme system
server-type extended
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
radius scheme radius1
server-type standard
primary authentication 192.168.181.18
key authentication sdfsdfsfsf
user-name-format without-domain
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
domain wustl.edu
authentication default radius-scheme radius1
access-limit disable
state active
idle-cut disable
self-service-url disable
#
local-user admin
service-type telnet terminal
level 3
local-user manager
password simple manager
service-type telnet terminal
level 2
local-user monitor
password simple monitor
service-type telnet terminal
level 1
#
interface NULL0
#
interface Vlan-interface1
ip address 172.20.181.201 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-type hybrid
port hybrid vlan 1 to 2 tagged
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/2
port access vlan 2
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/3
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/4
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/5
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/6
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/7
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/8
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
MAC-authentication
#
interface GigabitEthernet1/0/9
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/10
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/11
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/12
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/13
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/14
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/15
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/16
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/17
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/18
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/19
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/20
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/21
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/22
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/23
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/24
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/25
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/26
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/27
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/28
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/29
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/30
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/31
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/32
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/33
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/34
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/35
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/36
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/37
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/38
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/39
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/40
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/41
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/42
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/43
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/44
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/45
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/46
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/47
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/48
broadcast-suppression pps 3000
undo jumboframe enable
stp edged-port enable
#
interface GigabitEthernet1/0/49
broadcast-suppression pps 3000
undo jumboframe enable
shutdown
stp edged-port enable
#
interface GigabitEthernet1/0/50
broadcast-suppression pps 3000
undo jumboframe enable
shutdown
stp edged-port enable
#
interface GigabitEthernet1/0/51
broadcast-suppression pps 3000
undo jumboframe enable
shutdown
stp edged-port enable
#
interface GigabitEthernet1/0/52
broadcast-suppression pps 3000
undo jumboframe enable
shutdown
stp edged-port enable
#
ip route-static 0.0.0.0 0.0.0.0 172.20.181.254
#
snmp-agent
snmp-agent local-engineid 8000002B03001AC1A234C1
snmp-agent community read public
snmp-agent community write private
snmp-agent sys-info version all
#
user-interface aux 0
authentication-mode scheme
user-interface vty 0 4
authentication-mode scheme
#
return
[4500G]
>
> Best regards,
>
> Krzysztof Olędzki
More information about the Freeradius-Users
mailing list