Dynamic VLAN assignment on NAS
Attou eric
gouroueric at yahoo.fr
Thu Nov 18 18:22:47 CET 2010
Hi the list
I'm sure this is NAS question, not Freeradius' question. But perhaps
somebody on the list had experienced this issue. Here is my problem.
I setup :
- A Freeradius configuration EAP/PEAP with user credentials stored in LDAP
directory.
- A NAS zcomax ag3621 wireless access point with VLAN 802.1q support. on this
access point, i have one SSID associated by default with guest VLAN 30.
meaning if a
user failed authentication, he will still connected but on this VLAN with
reduced privileges.
However radius return the following Access-accept packet to my NAS,
Sending Access-Accept of id 81 to 192.168.32.88 port 1032
Tunnel-Private-Group-Id:0 = "60"
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Type:0 = VLAN
User-Name = "user1"
The access point just put user1 on VLAN 30. My NAS ignore the VLAN ID 60
(Tunnel-Private-Group-Id:0 = "60")
contained in the Access-Accept. I try with two different models of Access point
(zcomax and cisco)
My question: Is there a particular config to do to ask the NAS to consider
the VLAN ID contained in
the Access-Accept packet ?
Thanks for your answers
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20101118/30b9a122/attachment.html>
More information about the Freeradius-Users
mailing list