vlan and freeradius

Michael Schwartzkopff misch at multinet.de
Wed Mar 3 15:40:47 CET 2010


Am Mittwoch, 3. März 2010 15:34:56 schrieb Jens Link:
> omega bk <omegabk at gmail.com> writes:
>
> Hi,
>
> > so i would like to redirect my winxp authenticated to VLAN1 and if not
> > authenticated , this client must be in vlan2
> >
> > i got a switch cisco
> >
> > so how to handla this with freeradius?
>
> Depends on how you do the authentication:
>
> Using certificates (either machine based or user based) 802.1x is the
> way to go if it's okay for you to use only the MAC address of the client
> (and you are using Cisco) VMPS might be worth a look.
>
> @Alan: I would document VMPS in some more detail in the wiki if my
> access would be working. ;-)
>
> Jens

Port authentication also works with mac addresses. You just have to pass back 
on the correct attributes to the cisco. AND your IOS has to be able to 
interprete them.

Greetings,
 
-- 
Dr. Michael Schwartzkopff
MultiNET Services GmbH
Addresse: Bretonischer Ring 7; 85630 Grasbrunn; Germany
Tel: +49 - 89 - 45 69 11 0
Fax: +49 - 89 - 45 69 11 21
mob: +49 - 174 - 343 28 75

mail: misch at multinet.de
web: www.multinet.de

Sitz der Gesellschaft: 85630 Grasbrunn
Registergericht: Amtsgericht München HRB 114375
Geschäftsführer: Günter Jurgeneit, Hubert Martens

---

PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B
Skype: misch42




More information about the Freeradius-Users mailing list