Multiple Vlan assigment in Free radius server with Cisco Nexus Switch.
deepak rawat
deepakrawat.singh at yahoo.com
Mon Dec 13 11:17:27 CET 2021
Hi,
Thanks for the reply,
We have a Nexus 3548-X Cisco Switch and as per cisco it support the Multiple Vlan.
I tried to follow this RFC4675 but not able to find any example so not sure how to configure it.
I have two vlan 1968 and Vlan 1969 and both are tagged.
Does it look like this E23D213926.ericsson.com Cleartext-Password := "54321" Tunnel-Type = VLAN, Tunnel-Medium-Type = IEEE-802, Tunnel-Private-Group-ID =+ 0x3100007B0,0x3100007B1
Regards,Deepak Rawat
On Monday, December 13, 2021, 09:13:49 AM GMT+1, petr.linke at seznam.cz <petr.linke at seznam.cz> wrote:
"Hi Alan,Yes it is possible to give two vlan in Cisco as a trunk vlan and
our node which is connected to Cisco port is also has two vlan 1968 and 1969
and both of them are trunk and connected to Cisco port and over it dot1x is
working.Our problem is whenever we are giving one vlan in free radius server
like 1968 or 1969 then Cisco AUTH VLAN is set accordingly but if we try to
give two vlan together in free radius user file the. The Cisco dot1x is
change to AUTH Vlan as default vlan(1).
So is it poosible to give two vlan in free radius server with cisco switch
and if yes the in which pattern we need to give in radius user file.
"
You must use the radius attribute egress-vlan-id to set the port as a VLAN
trunk during authorization (see RFC4675). This attribute can be set multiple
times (use operator =+). See https://wiki.freeradius.org/vendor/HP#procurve
-port-authentication-special-features_dynamic-vlan-assignment_rfc-4675-
multiple-tagged-untagged-vlan-assignment.
" What does this Cisco documentation say? i.e. is it possible for you to
assign two VLANs to the same device? "
It is dependend on version of Cisco IOS.
""
Petr Linke
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list