RADIUS-assigned VLANs on Catalyst 2960G

Answered Question
Jul 7th, 2009

I have a few 2960G switches I recently acquired, and I'm trying to get them to authenticate with a RADIUS server I'm running. The authentication process works fine, but though the RADIUS server is sending attributes as to which VLAN tag to use, the port stays a member of the VLAN it's set to (with "switchport access vlan ..."). I can set the guest and failed VLANs manually, but what I really want is to have the RADIUS server send VLAN attributes depending on which username or machine authenticates.

Looking through the documentation I don't see anything that specifically mentions this, so I'm afraid I purchased the wrong model. Anyone else know?

I have this problem too.
0 votes
Correct Answer by Glenn Quesenberry about 7 years 4 months ago

I found this reference to RADIUS/VLAN assignments in the documentation here.  Have you seen/tried this reference yet (page 31 of the doc)?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Glenn Quesenberry Tue, 07/21/2009 - 12:49

I found this reference to RADIUS/VLAN assignments in the documentation here.  Have you seen/tried this reference yet (page 31 of the doc)?

duckstoreadmin Tue, 07/21/2009 - 13:56

Yup, that's what I missed. I had everything configured, but I was missing the line "aaa authorization network...". Once I did this, everything worked as normal. Thanks for the help!

Glenn Quesenberry Tue, 07/21/2009 - 14:11

Glad to be of help, sorry for the delayed reply to your post!  This one must have gotten overlooked, my appologies!  We strive to provide answers and feedback as quickly as possible and usually is within 24 to 48 hrs during normal business hours.  Once again sorry for the delay!

Best Regards,

Glenn

duckstoreadmin Tue, 07/21/2009 - 14:33

Not a problem. I re-read the pertinent areas of the config guide and found what I was looking for.

Actions

This Discussion