Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
806
Views
0
Helpful
2
Replies

802.1x with Switch SRW2024-Web

xprojekt.dd
Level 1
Level 1

‎07-14-2010 07:16 AM - edited ‎03-10-2019 05:15 PM

Hi@all,

i want to implement a port based NAC with Windows Server 2008 NPS acting as RADIUS and some Linksys/Cisco SRW2024 - WebView Switches, using EAPoL and MD5-Auth.

(SRW2024: http://www.cisco.com/en/US/products/ps9989/index.html)

I am able to authenticate any Supplicant and open the port on the switch. But i've a probem with de VLAN-ID.

I only wan't to authenticate the user on the Switch-Port. All incoming traffic is unttaged an the Switch should tag the frames with configured PVID in Access Mode. But the switch doesn't either tag with configured PVID nor tag with the RADIUS-attributs:

Tunnel-Type -> VLAN
Tunnel-Medium-Type -> 802
Tunnel-Privat-Group-ID -> <VLAN-ID>

anyone an idea, what i'm doing wrong?

Labels:
0 Helpful
2 Replies 2

xprojekt.dd
Level 1
Level 1

‎07-14-2010 08:04 AM

ahh, i discovered one mistake..the RADIUS-attribut "Tunnel-Privat-Group-ID" has to be the name of the VLAN and not the VLAN ID....

so far...the switch accepts the attributs.

But i don't want to submit radius-attribut for setting dynamically the VLAN ID. I want to use the configured PVID per port in access mode, which still doesn't works.

0 Helpful

xprojekt.dd
Level 1
Level 1
In response to xprojekt.dd

‎07-14-2010 08:45 AM

Well, i don't understand the world anymore....after the switch was accepting the radius-attributes,

i removed the radius-attributes again...since that, the configured PVID in access-mode are working also.

sometimes these switches driving me crazy.

0 Helpful
Customers Also Viewed These Support Documents