Joel MBA OYONE wrote: ... > The VLAN attributes defined in RFC3580 are as follows: > • Tunnel-Type=VLAN (13) > • Tunnel-Medium-Type=802 > • Tunnel-Private-Group-ID=VLANID > > NOTE: The FreeRADIUS dictionary maps the 802 string value to the integer 6, > which > is why client entries use 6 for the Tunnel-Medium-Type value.
No. For Tunnel-Medium-Type, "802" is a *name*, not a *number*. See Section 3.2 of RFC 2868: ... Value The Value field is three octets and contains one of the values listed under "Address Family Numbers" in [14]. For the sake of convenience, a relevant excerpt of this list is reproduced below. 1 IPv4 (IP version 4) 2 IPv6 (IP version 6) 3 NSAP 4 HDLC (8-bit multidrop) 5 BBN 1822 6 802 (includes all 802 media plus Ethernet "canonical format") ... FreeRADIUS gets it *right*. Many NAS vendors get it *wrong*. > To create a user and assign the user to a particular VLAN by using > FreeRADIUS, open the > etc/raddb/users file, which contains the user account information, and add > for the new user. > The following example shows the entry for a user in the users file. The > username is > “johndoe,” the password is “test1234.” The user is assigned to VLAN 77. > > johndoe Auth-Type: = EAP, User-Password == “test1234" > Tunnel-Type = 13, > Tunnel-Medium-Type = 6, Or: Tunnel-Medium-Type = IEEE-802 .... > > in both cases, it stays on "IDENTITY VALIDATION" in xp wireless management > and sometime i receive the right ip adresss in the right IP Pool. ut lost it > immediately, maybe cause of the repeating cycle of athentication sequence. > AND, the client certificate, signed by the Server (not the CA root) is still > with the same message. > > > hope it would be helpfull !! Arg. Microsoft keeps putting magic nonsense into their OS's to make it difficult to use non-Microsoft RADIUS servers. And yes, this *is* a problem even inside of Microsoft! So if you're finding it a PITA to get it working, rest assured that Microsoft does, too. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html