802.1X - ntlm, Secure LDAP and dynamic vlan
Alan DeKok
aland at deployingradius.com
Wed Aug 25 02:52:12 CEST 2021
> On Aug 24, 2021, at 7:44 PM, Ray Burquest <rburquest at respiro.com.au> wrote:
>
> Hi,
>
> I am setting up a pilot for 802.1X with dynamic VLAN assignment based on the domain of the user attempting to connect to the switch. Users will be authenticated through different means depending on their domain ie
>
> user at domainA.com = ntlm
> user at domainB.com = Secure LDAP
> unrecognised domain = default guest VLAN
>
> I have got ntlm authentication and Secure LDAP authentication working independently but I would like some guidance as to how and where I configure the selection process and then then how to return the VLAN information
You return it in special RADIUS attributes. See the NAS documentation for which ones it needs.
Typically it's:
Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-Id = "VLAN-NAME"
Alan DeKok.
More information about the Freeradius-Users
mailing list