Hello Jason,
if radius reject it , then it mean that the 802.1x auth failed.
The solution will be to configure the supplicant to only do machine auth.
Regards
Fabrice
Le 2018-08-20 à 08:46, HALL, Jason (CITY HEALTH CARE PARTNERSHIP CIC -
NNF) via PacketFence-users a écrit :
Im trying to setup packetfence to use machine authentication for wired
connections.
My switch has 2 VLANS
Vlan 1 – Clients
Vlan 2 – Guests
If the machine is on my domain I want it to drop it vlan 1
So I have a switch setup on packetfence with the right roles and vlan
assignment and an AD authentication source with the username attribute
set to servicePrincipalName,
I can boot a machine up and it drops it into the right vlan, I can
then login with a domain account and its still in the correct vlan.
But if I login with a local admin account RADIUS rejects it. Is there
a RADIUS/VLAN filter I need to add to use Machine Authentication only
and not user auth?
If I boot up a machine not on the domain its not dropping it into any vlan
*Jason Hall*
*IT Server and Network Lead*
********************************************************************************************************************
This message may contain confidential information. If you are not the
intended recipient please inform the
sender that you have received the message in error before deleting it.
Please do not disclose, copy or distribute information in this e-mail
or take any action in relation to its contents. To do so is strictly
prohibited and may be unlawful. Thank you for your co-operation.
NHSmail is the secure email and directory service available for all
NHS staff in England and Scotland. NHSmail is approved for exchanging
patient data and other sensitive information with NHSmail and other
accredited email services.
For more information and to find out how you can switch,
https://portal.nhs.net/help/joiningnhsmail
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
