My opinion is, if you let RADIUS handle assigning the role and leverage Policy to contain the role to a particular vlan, that may be the easiest method.
Patrick Printz Network Infrastructure Quinsigamond Community College 670 West Boylston Street Worcester, MA 01606-2092 w. 508-854-7517 c. 508-726-9529 "Opportunities multiply as they are seized." - Sun Tzu From: POVEDA SANCHEZ, WENCESLAO [mailto:wpov...@dip-alicante.es] Sent: Friday, August 26, 2011 8:25 AM To: Enterasys Customer Mailing List Subject: RE: [enterasys] NetSight on Suse or Windows Thanks Patrick, I just need a way to identify the user connected to a switch port and depending on this auth place him in one or other vlan. The IP assignment is made with a DHCP Server in each network. Salu2 _______________________________________________________ Wenceslao Poveda Sanchez. Ingeniero Informático de Sistemas. mail: wpov...@dip-alicante.es Telf: 965988900#8416 Depto. De Informática :: Unidad de Sistemas Informáticos Área de Modernización Excma. Diputación Provincial de Alicante. _______________________________________________________ La información contenida en este correo electrónico es confidencial, incluyendo sus adjuntos, y va dirigida únicamente al receptor/es que aparece como destinatario. Si ha recibido este mensaje por error, por favor, notifíquenoslo inmediatamente y bórrelo de su sistema. Queda terminantemente prohibida a cualquier otra persona su revelación, copia, distribución o cualquier tipo de tratamiento. _______________________________________________________ De: Patrick Printz [mailto:ppri...@qcc.mass.edu] Enviado el: viernes, 26 de agosto de 2011 14:17 Para: Enterasys Customer Mailing List Asunto: RE: [enterasys] NetSight on Suse or Windows Depending on what you are trying to achieve, you could have the VLAN determined by NPS/RADIUS, or you can have the VLAN assigned based on policy by using the Contain to VLAN option if supported by your hardware. The first link has the NMS info for working in Policy Manager, the second just has to do with using NPS/RADIUS to control the VLAN's. https://extranet.enterasys.com/downloads/Pages/dms.ashx?download=65648d7f-7eda-4c22-b558-893990edc7af http://technet.microsoft.com/en-us/library/cc772124(WS.10).aspx One thing to consider is DHCP as well. If a system is switching to a different vlan and you want the authenticating device to pull a different IP, you need to consider how to make that happen if the system already pulled an IP initially. That is an issue I ran into early on in working with setting up vlan's based on the authenticated role. Patrick Printz Network Infrastructure Quinsigamond Community College 670 West Boylston Street Worcester, MA 01606-2092 w. 508-854-7517 c. 508-726-9529 "Opportunities multiply as they are seized." - Sun Tzu From: POVEDA SANCHEZ, WENCESLAO [mailto:wpov...@dip-alicante.es] Sent: Friday, August 26, 2011 7:16 AM To: Enterasys Customer Mailing List Subject: RE: [enterasys] NetSight on Suse or Windows Hi, Can anybody tell me where to find info about configuring dynamic VLAN on ports depending on 802.1x auth or MAC auth? Thanks. _______________________________________________________ La información contenida en este correo electrónico es confidencial, incluyendo sus adjuntos, y va dirigida únicamente al receptor/es que aparece como destinatario. Si ha recibido este mensaje por error, por favor, notifíquenoslo inmediatamente y bórrelo de su sistema. Queda terminantemente prohibida a cualquier otra persona su revelación, copia, distribución o cualquier tipo de tratamiento. _______________________________________________________ * --To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys ppri...@qcc.mass.edu * --To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys wpov...@dip-alicante.es * --To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys ppri...@qcc.mass.edu --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
