Freeradius and Zone Director

Andrew Andonopoulos andre8525 at hotmail.com
Mon Jul 2 15:05:16 CEST 2012


I think i will try to upgrade the zonedirector and i will check again the dynamic vlan
Thanks for the info

Date: Mon, 2 Jul 2012 14:56:35 +0200
Subject: Re: Freeradius and Zone Director
From: pmtelos at gmail.com
To: freeradius-users at lists.freeradius.org

OK I'm reading from some release notes for FW 9.3. I'll paste here

In previous versions, ZoneDirector supported Dynamic VLAN only on WLANs configured with 802.1X EAP, MAC Address, or 802.1X EAP + MAC Address authentication. With this release, Dynamic VLAN support is extended to be usable on WLANs configured with Open authentication and WPA/WPA2 and Zero-IT/Dynamic PSK encryption methods.
In short, any type of WLAN that uses a RADIUS server for user authentication can now be configured to receive Dynamic VLAN settings from the RADIUS server, and clients can be dynamically segmented into different VLANs based on RADIUS attributes.

Does that answer your question?

2012/7/2 Andrew Andonopoulos <andre8525 at hotmail.com>





hi,
zone director details are:
Model ZD1106

Version 9.1.0.0 build 23


Date: Mon, 2 Jul 2012 11:54:26 +0200
Subject: Re: Freeradius and Zone Director
From: pmtelos at gmail.com
To: freeradius-users at lists.freeradius.org


Hmm

If you are getting the success from testing then it should be ok. I've heard of people testing various things with the ZD in regards to a RADIUS server and it allways worked ok so I doubt that this would be a ZD issue.



Which FW are you using on the ZD?

2012/7/2 Andrew Andonopoulos <andre8525 at hotmail.com>






hi and thanks for your reply
>From the zone director side i am using 802.1x Eap with WPA (in the Wlan section) and the dynamic vlan is enabled. The AP and the zonedirector are connected with the an Alied Telesis core switch and i am allowing all the vlans and the native. The only i can think is a authentication issue for example the zone director is using eap but maybe i need to change something to the freeradius to allow eap. 


Also on the ruckus ZoneDirector the AAA server is configured correctly and when i trying to test the username and password i am receiving a success message. 
regards

Andrew

Date: Mon, 2 Jul 2012 11:06:41 +0200
Subject: Re: Freeradius and Zone Director
From: pmtelos at gmail.com
To: freeradius-users at lists.freeradius.org



I'm more of an RuckusWireless specialist than an freeRADIUS, but I'll try to help.

The ZD has a posibility of PAP or CHAP. Which Fw are you using?

The ZD and APs usualy work that if you have a trunk you also need a native (untagged network) for them to communicate. You can also use a management VLAN to manage all the devices. And it is also possible to use DHCP Option 43 for dicovery and such.




Regards

2012/7/2 Andrew Andonopoulos <andre8525 at hotmail.com>







Hello to all,
I have a problem with the freeradius and the Zonedirector. I am using MySql tables to store the radrequest and radreply also the Nas tables. If i connect a cat5 cable to the core switch i am getting an IP from the correct Vlan. If i use the zone director i can't authenticate and get the correct ip. I read somewhere that Ruckus Zonedirector is using chap and freeradius pap and chap but i am not sure if that's the issue. The zonedirector and the Access points are connected with trunk ports. I am wondering if someone faced the same problem and give me some ideas. 



RegardsAndrew
p.s attached file have the logs from the freeradius 		 	   		  

-

List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


-- 
Primož Marinšek






-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html 		 	   		  

-

List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


-- 
Primož Marinšek





-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html 		 	   		  

-

List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


-- 
Primož Marinšek





-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120702/edd31a4f/attachment.html>


More information about the Freeradius-Users mailing list