Multiple Vlan assigment in Free radius server with Cisco Nexus Switch.

deepak rawat deepakrawat.singh at yahoo.com
Wed Dec 15 11:00:00 CET 2021


Hi,
Can someone tell me how we can give two Vlan in Free radius user file , It would be good if you share the example how it looks.

Kind Regards,Deepak Rawat
 

    On Tuesday, December 14, 2021, 07:13:23 PM GMT+1, deepak rawat via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:  
 
 

Thanks for reply 
Ok I will check with Cisco TAC as well but still I want to know how can someone give two vlan in freeradius to work because we have 9000 series Cisco switch as well and we can try over it.
If you could share the syntax then it would be great help to me 

One more question - We have one more radius server as well which is connected in same network. So is it possible if I connect my nodes ( O have 3 nodes Which are cascaded network mean first node is connected to Cisco port 11 and second one is connected to first node port and so on for third node and authenticator and supplicant is working in all of them) to Port 11 as first node connected to port 11 and then it is connected to free radius-1 which is passing vlan 1968 and other radius -2  which will pass 1969 for second nodeWill that work?
Regards,Deepak

Sent from Yahoo Mail for iPhone


On Monday, December 13, 2021, 1:04 PM, Brian Turnbow <b.turnbow at twt.it> wrote:

<!--#yiv8499505207 _filtered {} _filtered {} _filtered {}#yiv8499505207 #yiv8499505207 p.yiv8499505207MsoNormal, #yiv8499505207 li.yiv8499505207MsoNormal, #yiv8499505207 div.yiv8499505207MsoNormal {margin:0in;margin-bottom:.0001pt;font-size:12.0pt;font-family:"Times New Roman", serif;}#yiv8499505207 a:link, #yiv8499505207 span.yiv8499505207MsoHyperlink {color:blue;text-decoration:underline;}#yiv8499505207 a:visited, #yiv8499505207 span.yiv8499505207MsoHyperlinkFollowed {color:purple;text-decoration:underline;}#yiv8499505207 p.yiv8499505207msonormal0, #yiv8499505207 li.yiv8499505207msonormal0, #yiv8499505207 div.yiv8499505207msonormal0 {margin-right:0in;margin-left:0in;font-size:12.0pt;font-family:"Times New Roman", serif;}#yiv8499505207 p.yiv8499505207yahoo-quoted-begin, #yiv8499505207 li.yiv8499505207yahoo-quoted-begin, #yiv8499505207 div.yiv8499505207yahoo-quoted-begin {margin-right:0in;margin-left:0in;font-size:12.0pt;font-family:"Times New Roman", serif;}#yiv8499505207 span.yiv8499505207EmailStyle19 {font-family:"Calibri", sans-serif;color:#1F497D;}#yiv8499505207 .yiv8499505207MsoChpDefault {font-size:10.0pt;} _filtered {}#yiv8499505207 div.yiv8499505207WordSection1 {}-->
Hi Deepak
 
  
 
Dynamic assignment works
 
Multiple vlans work  with multiple users when sending each user one vlan
 
Having one user assigned multiple vlans, which was your original request,   is not possible on this switch ,or if  there is some way to it it is not documented anywhere.
 
They are data center switches not access switches,  and do not even support the use of a voice vlan as a second vlan on the port, nor guest vlans etc.
 
Nothing you can do in freeradius will change that.
 
  
 
Brian
 
  
 
  
 
  
 
From: deepak rawat <deepakrawat.singh at yahoo.com>
Sent: Monday, December 13, 2021 12:33 PM
To: Brian Turnbow <b.turnbow at twt.it>; FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Subject: Re: Multiple Vlan assigment in Free radius server with Cisco Nexus Switch.
 
  
 
Hi,
 
What made you to comment this because dynamic vlan assignment is working in our case and Cisco is giving the vlan to the port as per input from radius server but yes not giving multiple vlan or I think I am giving the inputs in incorrect way. If you can tell me the correct format then I can try it.
 
We raised the Cisco TAC case as well and they said they can provide multiple tunnel vlan.
 
  
 
Maybe I misunderstood what you mean or I did it find exact words in document which you pointed 
 
Thanks 


Sent from Yahoo Mail for iPhone
 
On Monday, December 13, 2021, 12:03 PM, Brian Turnbow <b.turnbow at twt.it> wrote:
 

Hi 

> Hi,
> Thanks for the reply,
> We have a Nexus 3548-X Cisco Switch and as per cisco it support the Multiple
> Vlan.
 


Nexxus 3000 series support multiple vlans, but  not assigning multiple vlan to users from radius under 802.1x
The Nexus 3000 is very limted here, please see the restrictions section in the guide.

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/security/93x/b-cisco-nexus-3000-nx-os-security-configuration-guide-93x/b-cisco-nexus-3000-nx-os-security-configuration-guide-93x_chapter_01101.html#con_1379620

Unless there is some secret undocumented magic that I am unaware of, it is cisco....

Brian
 
  
 



-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
  


More information about the Freeradius-Users mailing list