802.1x dynamic vlan assignment not assigning VLAN
Alan DeKok
aland at deployingradius.com
Tue May 12 13:46:43 CEST 2015
On May 12, 2015, at 7:11 AM, Martijn Craeghs <martijncr at msn.com> wrote:
> As far as authentication goes it works. My user get's authenticated and
> recieves an Access-Accept message in this form.
That's good. All of the correct VLAN attributes are there.
> Sending Access-Accept of id 12 to xxx.xxx.xxx.xxx port 6103
> Tunnel-Private-Group-Id:0 = "vlan_name"
This should be the string representing the VLAN number... i.e. "50".
> I've added the tunnel attributes to my LDAP directory and like the previous
> freeradius debug message show it's stored in the radius package.
Then you've configured FreeRADIUS correctly.
> I've ran out of options and forums to look through at this point.
>
> Would be glad if someone could give me a push in the right direction. Not
> even sure if i should look for the problem on the freeradius side or the
> switch side.
It's probably the switch. Use the VLAN number, not name, in the FreeRADIUS configuration. That will probably make the switch assign the correct VLAN.
As always, when the packet from FreeRADIUS is correct and it still doesn't work... blame the NAS / AP / switch.
Alan DeKok.
More information about the Freeradius-Users
mailing list