Assign VLAN

Thu Dec 9 23:19:46 CET 2010

Dears,

	Below Access-Accept from ACS captured by Wireshark:

	AVP: l=6 t=Tunnel-Type(64) Tag=0x00: VLAN(13)
		Tag: 0x00
		Tunnel-Type: VLAN (13)
	AVP: l=6 t=Tunnel-Medium-Type(65) Tag=0x00: IEEE-802(6)
		Tag: 0x00
		Tunnel-Medium-Type: IEEE-802 (6)
	AVP: l=5 t=Tunnel-Private-Group-Id(81): 200
		Tunnel-Private-Group-Id: 200

	Attribute configured in freeradius users file:

	DEFAULT     Auth-Type = ntlm_auth
            	Tunnel-Type = "VLAN",
            	Tunnel-Medium-Type = "IEEE-802",
            	Tunnel-Private-Group-Id = "200"

As I said the attribute sent by ACS and Freeradius are the same. I still do not understand why this is not working.

It could be some incompatibility between cisco 2960 and Freeradius?

Regards,

Luciano Rangel

-----Original Message-----
From: freeradius-users-bounces+luciano.rangel=logica.com at lists.freeradius.org [mailto:freeradius-users-bounces+luciano.rangel=logica.com at lists.freeradius.org] On Behalf Of Alan DeKok
Sent: quinta-feira, 9 de dezembro de 2010 13:47
To: FreeRadius users mailing list
Subject: Re: Assign VLAN

Alan Buxey wrote:
> who knows..possibly the ORDER of the attributes?

  Any NAS that care about the order of attributes is violating the
specifications.

> is your switch one of those wierd ones that wants the NAME of the VLAN
> rather than its ID?

  Quite possibly.  If he had bothered looking at the Access-Accept from
ACS, he would have the answer to that question.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Think green - keep it on the screen.

This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.