Assign VLAN from freeradius to Cisco 3550 switch.

Wassim Zaarour wassim.zaarour at navlink.com
Wed Apr 25 09:52:14 CEST 2012 

Hi Alan and thanks for your reply,

I changed it as you suggested and I still got the same behavior:


Users

wassim	Cleartext-Password := "wassim"
       Tunnel-Medium-Type = IEEE-802,
       Tunnel-Type = VLAN,
       Tunnel-Private-Group-Id = 100


Radiusd -X:

# Executing section post-auth from file
/etc/raddb/sites-enabled/inner-tunnel
} # server inner-tunnel
[ttls] Got tunneled reply code 2
	Tunnel-Medium-Type:0 = IEEE-802
	Tunnel-Type:0 = VLAN
	Tunnel-Private-Group-Id:0 = "100"
[ttls] Got tunneled Access-Accept
[eap] Freeing handler
++[eap] returns ok
# Executing section post-auth from file /etc/raddb/sites-enabled/default
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 137 to 192.168.1.8 port 1645
	Tunnel-Medium-Type:0 = IEEE-802
	Tunnel-Type:0 = VLAN
	Tunnel-Private-Group-Id:0 = "100"
	MS-MPPE-Recv-Key =
0x28911c2a106aee9ae42700d2cabd1de93803a84259a4d669e7c0a72ca07454bf
	MS-MPPE-Send-Key =
0xf4742fbc2193f49eef63f8d8f92a225be5ddbba4a5946456ad51acba72eecb32
	EAP-Message = 0x03060004
	Message-Authenticator = 0x00000000000000000000000000000000
	User-Name = "wassim"


Cisco Switchh:


4w0d: RADIUS:  Message-Authenticato[80]  18
4w0d: RADIUS:   8D 41 75 97 26 ED 72 23 97 F7 59 57 1F B7 6A 04
[?Au?&?r#??YW??j?]
4w0d: RADIUS: Received from id 1645/137 192.168.1.57:1812, Access-Accept,
len 185
4w0d: RADIUS:  authenticator 94 1E 2A 28 2E 35 8C 55 - B6 BA 85 CE EC AF
42 57
4w0d: RADIUS:  Tunnel-Medium-Type  [65]  6   00:Unsupported            [6]
4w0d: RADIUS:  Tunnel-Type         [64]  6   00:Unsupported            [13]
4w0d: RADIUS:  Tunnel-Private-Group[81]  5   "100"
4w0d: RADIUS:  Vendor, Microsoft   [26]  58
4w0d: RADIUS:   MS-MPPE-Recv-Key   [17]  52







On 4/25/12 10:36 AM, "alan buxey" <A.L.M.Buxey at lboro.ac.uk> wrote:

>Hi,
>
>>    I know this subject have been brought up but I'm kind of stuck and I
>>hope
>>    I can get a little help.
>>    I am trying to assign vlans from freeradius to a cisco 3550 switch
>>but its
>>    not working.
>>    I keep getting the following in the debug in the switch:
>> 
>>    3w6d: RADIUS:  Tunnel-Medium-Type  [65]  6   01:Unsupported
>>  [6]
>> 
>>    3w6d: RADIUS:  Tunnel-Type         [64]  6   01:Unsupported
>> 
>>    [13]
>> 
>>    I read the mail archives and googled with no luck.
>> 
>>    Users file configuration:
>> 
>>    wassim  Cleartext-Password := "wassim"
>> 
>>            Tunnel-Medium-Type:1 = IEEE-802,
>> 
>>            Tunnel-Type:1 = VLAN,
>> 
>>            Tunnel-Private-Group-Id:1 = 100
>
>
>what documents were you following?
>
>your stuff is close...but wrong. I dont know why you have added the :1
>stuff, its much simpler than that
>
>
>wassim  Cleartext-Password := "wassim"
>	Tunnel-Medium-Type = IEEE-802,
>	Tunnel-Type = VLAN,
>	Tunnel-Private-Group-Id = 100
>
>
>alan
>-
>List info/subscribe/unsubscribe? See
>http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list