vlan and freeradius

Phil Mayers p.mayers at imperial.ac.uk
Wed Mar 3 19:44:29 CET 2010


On 03/03/2010 03:01 PM, omega bk wrote:
> 2) " set the switch to use RADIUS return attributes for VLAN (and for
> session time etc)
> and set the fail VLAN and guest VLAN to Y"  => that's really what i want
> to do so in my users file
>
> myuser       Cleartext-Password := "user"
>                     Tunnel-type = VLAN,
>                     Tunnel-Medium-Type = 802,
>                     Tunnel-Private-Group-ID = "666"
>                     Session-Timeout = "28800"
>                     Termination-Action = "RADIUS-Request"
>
> but how to set the fail VLAN and guest VLAN to Y ???

Setting the "Fail" and "Guest" VLAN by radius doesn't make any sense.

The "Fail" vlan is what to use when the radius server is unavailable.

The "Guest" vlan is what to do when the client doesn't do 802.1x i.e. no 
radius.

So you can't set these over radius.



More information about the Freeradius-Users mailing list