dot1x with dynamci vlan assignment

Unanswered Question
Apr 11th, 2009

I hoping someone could point me to a configuration example on how to dynamically assign a VLAN on a switchport interface configured for dot1x authentication.

We have mostly Catalyst 3550 switches, and using Cisco Secure ACS 3.3.1 as our Radius server

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
esdouglas Mon, 04/13/2009 - 10:18

Thanks for the reply JG. I guess its my fault for not being more specific. Let me give all the details of what I'm trying to accomplish with dyanamic VLAN assigment, so you can provide a more informed responsed.

The goal is to be able to connect one of our mobile video conference (VC) units which support dot1x authetication, into any switch in the office and end up on VLAN 100 for example. Of course I already have all my users in the same office using dot1x authetication and end up on VLAN 200 for example when they pass authentication.

We currently use 2 indentically configured Cisco ACS servers to provide radius authetication for all of our offices, and the user vlan number is different in every office, but the VC vlan number is the same for every office.

What I'm hoping for, is that I DONT have to create a group for every office in order to assign the correct vlan for my users and the VC units, but have my user vlan be the default VLAN, unless a VC unit is authenticated and then assign it to VLAN 100.

Hopefully this is enough detail, let me know if you have any questions.

Thanks,

Earl D

Actions

This Discussion