Using freeradius and 802.1x for dynamic VLAN

lvizcardof at lvizcardof at
Thu Oct 11 21:45:58 CEST 2007

I use freeradius-1.0.4-1.FC4.1 version in a PC Linux Fedora Core 4.  
This radius server
authenticates to user in function to his login and key, if the  
information is correct the
radius server must send to user to the vlan 2 according to forms in  
the file users of the
radius server. This is the
configuration in the file users from radius server:


carlos  Auth-Type := EAP, User-Password == "carlos"
         Service-Type = Framed-User,
         Tunne-type = VLAN,
         Tunnel-medium-type = IEEE-802,
         Tunnel-Private-Group-Id = 2


I have the followin problem . When I authenticate to the user with   
login and key It
sends by defect to the vlan 1.
I have a switch DELL PowerConnect 5324. In this switch I have formed  
the ports to 802.1x
and I have two vlans: the vlan2 and vlan3
This is all the configuration in my switch:


console# show running-config
vlan database
vlan 2-3
interface ethernet g1
switchport access vlan 2
dot1x system-auth-control
interface range ethernet g(7-10)
dot1x port-control auto
interface range ethernet g(7-10)
dot1x re-authentication
interface vlan 2
ip address
interface vlan 3
ip address
ip default-gateway
radius-server host auth-port  1645 timeout  3
radius-server key misecreto
aaa authentication dot1x default radius
username admin password 7d8c9c8b116cdfe3fb091f4c1ac684de level 15 encrypted


The problem that I have is that when I authenticate to user with his  
login and key, The
radius server sends  the user to the vlan 1. Who can I do so that  
radius server sends the
user to the vlan that I select? , in this case is the vlan 2. I think  
that.  I review all
the information about how to form the radius server but, I don't know  
what more do.

do you have an idea of, how can I solve this problem?

This message was sent using IMP, the Internet Messaging Program.

More information about the Freeradius-Users mailing list