Using unlang to customize Tunnel-Medium-Type for 3com switches
stasheck
stasheck.fora at gmail.com
Fri Sep 30 16:41:01 CEST 2011
Hi,
I just wanted to share what I did in the end.
First of all, it turned out that 3com actually interprets "IEEE-802"
in proper way - and there was no need for unlang. However I'm glad I
learned how it (unlang) works, and had to learn a bit more about
RADIUS :-) So nothing's wasted.
There were two causes as to why the switch didn't work at first: it
turns out that Comware3 switches (such as 4200G) have to have both
authentication and authorization servers set up (hardly surprising),
and I failed to do this :-) Shame on me.
However, I've also found strange behaviour.
Comware3 configuration allows for different VLAN indication modes in
"domain" section:
vlan-assignment-mode ?
integer Integer Vlan assignment mode
string String Vlan assignment mode
vlan-list List Vlan assignment mode
I'm not sure why, but if it works in "integer" mode (default), it
switches port to "RADIUS-indicated-VLAN"+48 - so when RADIUS sends
Tunnel-Private-Group-ID=4, the port goes to VLAN 52. Can't figure out
why.
But when I switched mode to "string" (which is supposed to work with
VLAN names, not numbers - but interprets numbers nevertheless) - it
work perfectly. Knowing unlang helped debugging this A LOT!
So thank you very much for your support, it would've taken me much
longer to figure it all out without it.
/br
Stan
More information about the Freeradius-Users
mailing list