Dynamic VLAN assignment on NAS

Attou eric gouroueric at yahoo.fr
Thu Nov 18 18:22:47 CET 2010

Hi the list

I'm sure this is  NAS question, not Freeradius' question. But perhaps 

somebody on the list had experienced this issue. Here is my problem.

I setup :

  -  A Freeradius configuration EAP/PEAP with user credentials stored in LDAP 

  - A  NAS zcomax ag3621 wireless access point with VLAN 802.1q support. on this 

    access point, i have one SSID associated  by default with guest VLAN 30. 
meaning if a 

   user failed authentication, he will still connected but on this VLAN with 
reduced privileges.

However radius return the following Access-accept packet to my NAS,

      Sending Access-Accept of id 81 to port 1032
        Tunnel-Private-Group-Id:0 = "60"
        Tunnel-Medium-Type:0 = IEEE-802
        Tunnel-Type:0 = VLAN
        User-Name = "user1"

   The access point just put user1 on VLAN 30. My NAS ignore the VLAN ID 60 
(Tunnel-Private-Group-Id:0 = "60")

contained in the Access-Accept. I try with two different models of Access point 
(zcomax and cisco)

   My question: Is there a particular config to do to ask the NAS to consider 
the VLAN ID contained in

 the Access-Accept packet ?

                 Thanks for your answers

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20101118/30b9a122/attachment.html>

More information about the Freeradius-Users mailing list