Re: Multiple Vlan assigment in Free radius server with Cisco Nexus Switch.
petr.linke at seznam.cz
petr.linke at seznam.cz
Mon Dec 13 09:11:27 CET 2021
"Hi Alan,Yes it is possible to give two vlan in Cisco as a trunk vlan and
our node which is connected to Cisco port is also has two vlan 1968 and 1969
and both of them are trunk and connected to Cisco port and over it dot1x is
working.Our problem is whenever we are giving one vlan in free radius server
like 1968 or 1969 then Cisco AUTH VLAN is set accordingly but if we try to
give two vlan together in free radius user file the. The Cisco dot1x is
change to AUTH Vlan as default vlan(1).
So is it poosible to give two vlan in free radius server with cisco switch
and if yes the in which pattern we need to give in radius user file.
"
You must use the radius attribute egress-vlan-id to set the port as a VLAN
trunk during authorization (see RFC4675). This attribute can be set multiple
times (use operator =+). See https://wiki.freeradius.org/vendor/HP#procurve
-port-authentication-special-features_dynamic-vlan-assignment_rfc-4675-
multiple-tagged-untagged-vlan-assignment.
" What does this Cisco documentation say? i.e. is it possible for you to
assign two VLANs to the same device? "
It is dependend on version of Cisco IOS.
""
Petr Linke
More information about the Freeradius-Users
mailing list