You might want to add the vlan as some field in AD / ldap and then see if there is any way to access that using the radius or vlan filters to push the vlan to the user. Not sure it will be possible to be honest
On Fri, Dec 10, 2021, 13:29 jj c <ece44...@gmail.com> wrote: > nice thank you for the clarification and advice. > > we have many clients per client we have vlan with dhcp server. > what we want to achieve is that when a client connect in the network using > his AD acount in the portal.packetfence will give the right vlan to that > client. > > so what we did is to put hundreds of vlan in roles. and put it in the > authentication sources. so that when a client login in the > portal. pf will send the right vlan.but it did not work out with what we > are expecting. maybe youre right we are misusing the roles. > > On Sat, Dec 11, 2021 at 12:05 AM Diego Garcia del Rio <garc...@gmail.com> > wrote: > >> But how many roles are you defining ? Several hundred? If so then you're >> probably misusing the roles. In that case, indeed, vlan-pool is what you >> want. >> >> The manual describes vlan-pools as the following: >> >> For a VLAN pool instead of defining a VLAN identifier, you can set a >> value like that: 20..23,27..30 >> >> So... for example, for role "students" you could define a vlan pool like >> "1000..2999" and if you select the "vlan pool technique" as "vlan per >> user" as shown below: >> >> [image: image.png] >> >> >> >> then the system will allocate, for users belonging to the role "students" >> one vlan in the range 1000 through 2999 (both inclusive). But if there are >> more USERS in that role than VLANs then vlan allocation will start to fail. >> >> The other allocation methods can potentially give the same vlan to 2 or >> more users. >> >> >> Not sure what your use-case is, but vlan-per-user can be a pain to >> manage. It makes sense in things like hotels or maybe university student >> accommodation... >> >> cheers, >> >> >> >> >> On Fri, Dec 10, 2021, 12:43 jj c <ece44...@gmail.com> wrote: >> >>> sorry for the confusion but i have 2 question here. >>> 1. when i define roles with each own vlan and use it in authentication >>> sources the packetfence 11.0 experience slowness. >>> 2. i want to understand the vlan pool technique per_user_vlan.in the >>> current manual there is no written details about it. >>> >>> On Fri, Dec 10, 2021 at 11:31 PM Diego Garcia del Rio <garc...@gmail.com> >>> wrote: >>> >>>> you should be able to easily do vlan per role.. .but you seem to be >>>> wanting a vlan per user? >>>> >>>> or you have 300 roles defined and each with its own vlan?? >>>> >>>> On Fri, Dec 10, 2021 at 12:22 PM jj c via PacketFence-users < >>>> packetfence-users@lists.sourceforge.net> wrote: >>>> >>>>> Hi to all, >>>>> is it possible to bind roles per vlan? because we use vlan per client. >>>>> lets say role1=vlan 10,role2=vlan20,role3=vlan30 and so on. the problem is >>>>> when you put 300 vlan in authentication sources and roles we are >>>>> experiencing slowness when browsing packetfence. also what is per user >>>>> vlan >>>>> in vlan technique i cannot find in the manual. >>>>> >>>>> Thank you, >>>>> james >>>>> _______________________________________________ >>>>> PacketFence-users mailing list >>>>> PacketFence-users@lists.sourceforge.net >>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>>>> >>>>
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
