Acs and Dynamic vlan assignment problem

Unanswered Question
May 18th, 2009

Hi all,

I'm unable to dinamically pass the Radius attribute , about assigned vlan, to 802.1x clients.

I'm sure that everything is well configured but the only way to do it is configuring these attributes directly on user or group properties.

When i try to pass these attributes by appliction of a Shared RAC (acs 4.2) or NAP (ACS 5.0) the only message that i can find on the switch, where the vlan has to be configured, is:

dot1x-ev:Received VLAN is No Vlan

dot1x-ev:Received VLAN Id -1

The user is still authenticated successfully ( and all the profiles correctly assigned) but remain in the vlan statically configured on the interface.

The logic is working, but transmission do not.

Is this a bug ?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
gseadmins Mon, 05/25/2009 - 01:39


Dont'know if that was solved by the Patch 5-0-0-21-5, or by the reconfiguration of the NAP.

But now it is working, i think it was a misunderstanding about the use of NAP.

I've modified the "Default network access" adding and exception for the Guest group and i've created a new "Guest Profile".

Now the user is really inserted in the right profile, and so the exact vlan has been passed to the switch.

Thanks of your answer


This Discussion