Guillermo Borrallo <guilleb...@hotmail.com> wrote: > > I have a problem to change vlan on a Catalyst 2950 switch using the > 802.1x protocol. The problem is that no changes to the vlan you > specified. The authentication and validation of the user is correct, > but does not change vlan. > You might want to consider reading the *Cisco* documentation...on the...erm...*Cisco* website rather than posting on the FreeRADIUS mailing list about problems you are having with your...erm...*Cisco* equipment?
Unsurprisingly this is where *FreeRADIUS* problems are solved...not $OTHER_VENDUH issues. I could also argue that this information is lurking in the FreeRADIUS wiki: http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO#Configuration_of_the_switch > Freeradius User Configuration: > > steve Cleartext-Password := "testing" Service-Type = Framed-User, > Tunnel-Type = VLAN, Tunnel-Medium-Type = IEEE-802, > Tunnel-Private-Group-ID = 2 > I have no idea why people keep insisting on doing this, but make 'Tunnel-Private-Group-ID' the VLAN *name*. You are only going to end up killing yourself later on if you insist on using VLAN ID's. You should also type: ---- vlan 1 name cheese vlan 2 name toast ---- Then you can use 'cheese' and 'toast' to put people into VLAN's instead; handy if you have to send this information across administrative domains. > Switch 2950 configuration: > aaa new-model > aaa authentication login default local > aaa authentication dot1x default group radius > *sigh* For those who cannot be bothered to read the readily, freely, non-login protected available documentation[1]: ---- aaa authorization network default group radius aaa accounting dot1x default start-stop group radius ---- If that does not work, I cannot be bothered to check the rest of your (incomplete) config so I recommend you read the...erm...documentation. Regards [1] http://www.cisco.com/en/US/products/hw/switches/ps628/tsd_products_support_series_home.html and more specifically http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22_ea11x/configuration/guide/sw8021x.html -- Alexander Clouter .sigmonster says: Do not use if foil seal is broken. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
