07-14-2010 07:16 AM - edited 03-10-2019 05:15 PM
Hi@all,
i want to implement a port based NAC with Windows Server 2008 NPS acting as RADIUS and some Linksys/Cisco SRW2024 - WebView Switches, using EAPoL and MD5-Auth.
(SRW2024: http://www.cisco.com/en/US/products/ps9989/index.html)
I am able to authenticate any Supplicant and open the port on the switch. But i've a probem with de VLAN-ID.
I only wan't to authenticate the user on the Switch-Port. All incoming traffic is unttaged an the Switch should tag the frames with configured PVID in Access Mode. But the switch doesn't either tag with configured PVID nor tag with the RADIUS-attributs:
Tunnel-Type -> VLAN
Tunnel-Medium-Type -> 802
Tunnel-Privat-Group-ID -> <VLAN-ID>
anyone an idea, what i'm doing wrong?
07-14-2010 08:04 AM
ahh, i discovered one mistake..the RADIUS-attribut "Tunnel-Privat-Group-ID" has to be the name of the VLAN and not the VLAN ID....
so far...the switch accepts the attributs.
But i don't want to submit radius-attribut for setting dynamically the VLAN ID. I want to use the configured PVID per port in access mode, which still doesn't works.
07-14-2010 08:45 AM
Well, i don't understand the world anymore....after the switch was accepting the radius-attributes,
i removed the radius-attributes again...since that, the configured PVID in access-mode are working also.
sometimes these switches driving me crazy.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide