Dynamic VLAN and FreeRadius
Alan DeKok
aland at deployingradius.com
Thu May 22 17:01:02 CEST 2008
Joel MBA OYONE wrote:
>> No. VLAN assignment is after SSID association, and after 802.1x
>> authentication.
>
> OK, is it possible to associate in SSID_1 and be assigned to a different
> VLAN than the we are associated in ?
That doesn't make sense. SSID's aren't tied to VLANs, unless you
configure them that way.
> (exemple, when i am associated to
> SSID_1, which belongs to VLAN100,
No... SSID's have nothing to do with VLAN's.
> RADIUS sends me
> "Tunnel-Private-Group-ID = 200", which belongs to another SSID, what
> would happen and would authentication process success?)
Read your NAS documentation to see how to do VLAN assignment, and how
it interacts with SSID's.
> - if i am assigned to another couple of SSID/VLAN than the one i am
> connected now by RADIUS, would authentication process restart at the
> beginning?
Stop talking about "SSID/VLAN". They are separate things.
When you do VLAN assignment with RADIUS, you do NOT need to
re-authenticate.
> - is it possible to do EAP-TLS, EAP-PEAP and EAP-MD5 without the use of
> 802.1x when RADIUS is the authentication Server for a supplicant?
What does that mean?
Alan DeKok.
More information about the Freeradius-Users
mailing list