Multiple Vlan assigment in Free radius server with Cisco Nexus Switch.
deepak rawat
deepakrawat.singh at yahoo.com
Wed Dec 15 11:00:00 CET 2021
Hi,
Can someone tell me how we can give two Vlan in Free radius user file , It would be good if you share the example how it looks.
Kind Regards,Deepak Rawat
On Tuesday, December 14, 2021, 07:13:23 PM GMT+1, deepak rawat via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
Thanks for reply
Ok I will check with Cisco TAC as well but still I want to know how can someone give two vlan in freeradius to work because we have 9000 series Cisco switch as well and we can try over it.
If you could share the syntax then it would be great help to me
One more question - We have one more radius server as well which is connected in same network. So is it possible if I connect my nodes ( O have 3 nodes Which are cascaded network mean first node is connected to Cisco port 11 and second one is connected to first node port and so on for third node and authenticator and supplicant is working in all of them) to Port 11 as first node connected to port 11 and then it is connected to free radius-1 which is passing vlan 1968 and other radius -2 which will pass 1969 for second nodeWill that work?
Regards,Deepak
Sent from Yahoo Mail for iPhone
On Monday, December 13, 2021, 1:04 PM, Brian Turnbow <b.turnbow at twt.it> wrote:
<!--#yiv8499505207 _filtered {} _filtered {} _filtered {}#yiv8499505207 #yiv8499505207 p.yiv8499505207MsoNormal, #yiv8499505207 li.yiv8499505207MsoNormal, #yiv8499505207 div.yiv8499505207MsoNormal {margin:0in;margin-bottom:.0001pt;font-size:12.0pt;font-family:"Times New Roman", serif;}#yiv8499505207 a:link, #yiv8499505207 span.yiv8499505207MsoHyperlink {color:blue;text-decoration:underline;}#yiv8499505207 a:visited, #yiv8499505207 span.yiv8499505207MsoHyperlinkFollowed {color:purple;text-decoration:underline;}#yiv8499505207 p.yiv8499505207msonormal0, #yiv8499505207 li.yiv8499505207msonormal0, #yiv8499505207 div.yiv8499505207msonormal0 {margin-right:0in;margin-left:0in;font-size:12.0pt;font-family:"Times New Roman", serif;}#yiv8499505207 p.yiv8499505207yahoo-quoted-begin, #yiv8499505207 li.yiv8499505207yahoo-quoted-begin, #yiv8499505207 div.yiv8499505207yahoo-quoted-begin {margin-right:0in;margin-left:0in;font-size:12.0pt;font-family:"Times New Roman", serif;}#yiv8499505207 span.yiv8499505207EmailStyle19 {font-family:"Calibri", sans-serif;color:#1F497D;}#yiv8499505207 .yiv8499505207MsoChpDefault {font-size:10.0pt;} _filtered {}#yiv8499505207 div.yiv8499505207WordSection1 {}-->
Hi Deepak
Dynamic assignment works
Multiple vlans work with multiple users when sending each user one vlan
Having one user assigned multiple vlans, which was your original request, is not possible on this switch ,or if there is some way to it it is not documented anywhere.
They are data center switches not access switches, and do not even support the use of a voice vlan as a second vlan on the port, nor guest vlans etc.
Nothing you can do in freeradius will change that.
Brian
From: deepak rawat <deepakrawat.singh at yahoo.com>
Sent: Monday, December 13, 2021 12:33 PM
To: Brian Turnbow <b.turnbow at twt.it>; FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Subject: Re: Multiple Vlan assigment in Free radius server with Cisco Nexus Switch.
Hi,
What made you to comment this because dynamic vlan assignment is working in our case and Cisco is giving the vlan to the port as per input from radius server but yes not giving multiple vlan or I think I am giving the inputs in incorrect way. If you can tell me the correct format then I can try it.
We raised the Cisco TAC case as well and they said they can provide multiple tunnel vlan.
Maybe I misunderstood what you mean or I did it find exact words in document which you pointed
Thanks
Sent from Yahoo Mail for iPhone
On Monday, December 13, 2021, 12:03 PM, Brian Turnbow <b.turnbow at twt.it> wrote:
Hi
> Hi,
> Thanks for the reply,
> We have a Nexus 3548-X Cisco Switch and as per cisco it support the Multiple
> Vlan.
Nexxus 3000 series support multiple vlans, but not assigning multiple vlan to users from radius under 802.1x
The Nexus 3000 is very limted here, please see the restrictions section in the guide.
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/security/93x/b-cisco-nexus-3000-nx-os-security-configuration-guide-93x/b-cisco-nexus-3000-nx-os-security-configuration-guide-93x_chapter_01101.html#con_1379620
Unless there is some secret undocumented magic that I am unaware of, it is cisco....
Brian
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list