Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Hello Gennadiy. I'm trying hard to achieve what you did, but with no success. Could you please let me know which firmware were you using on this switch, against what clients (native windows xp service pack 3 or windows vista radius client maybe ?) I'm trying to authenticate through PEAP with native radius client on windows xp sp3 and windows vista with FR2.0.5 with PEAP, and this model of 3com 5500G-EI : 5500G-EIdis version 3Com Corporation SuperStack 4 Switch 5500G-EI Software Version 3Com OS V3.02.04s168 Copyright (c) 2004-2007 3Com Corporation and its licensors, All rights reserved. SuperStack 4 Switch 5500G-EI uptime is 0 week, 0 day, 11 hours, 41 minutes 3Com SuperStack 4 Switch 5500G-EI 24-Port with 1 MIPS Processor 128Mbytes SDRAM 16384K bytes Flash Memory Config Register points to FLASH Hardware Version is REV.C CPLD Version is 002 Bootrom Version is 4.03 [Subslot 0] 24GE+4SFP Hardware Version is REV.C [Subslot 2] 2 STACK Hardware Version is REV.C Did you change something else on your switches or is only what you uploaded on the list, maybe something on windows or FR ? Best regards. Oxiel El Miércoles 11 Jun 2008, Gennadiy Redko escribió: Krzysztof Olędzki wrote: OK, we absolutely need some more info: - display vlan - display vlan ... (2?) - display interface ... (G7/0/40?) - display port-security interface ... (G7/0/40) Hi,Krzysztof Viktor Guk wrote: skip All too most, only with the letter G. [5500G-EI]disp vlan The following VLANs exist: 1(default), 2 [5500G-EI]disp vlan 2 VLAN ID: 2 VLAN Type: static Route Interface: not configured Description: vlan2 Name: vlan2 Tagged Ports: none Untagged Ports: GigabitEthernet7/0/39GigabitEthernet7/0/47 [5500G-EI]display interface GigabitEthernet 7/0/40 GigabitEthernet7/0/40 current state : DOWN IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 001a-c147-8e68 Media type is twisted pair, loopback not set Port hardware type is 1000_BASE_T Unknown-speed mode, unknown-duplex mode Link speed type is autonegotiation, link duplex type is autonegotiation Flow-control is not enabled The Maximum Frame Length is 1522 Broadcast MAX-pps: 3000 Unicast MAX-ratio: 100% Multicast MAX-ratio: 100% Forbid jumbo frame to pass PVID: 1 Mdi type: auto Port link-type: access Tagged VLAN ID : none Untagged VLAN ID : 1 Last 300 seconds input: 0 packets/sec 7 bytes/sec Last 300 seconds output: 0 packets/sec 48 bytes/sec Input(total): 23 packets, 2240 bytes 2 broadcasts, 12 multicasts, 0 pauses Input(normal): - packets, - bytes - broadcasts, - multicasts, - pauses Input: 0 input errors, 0 runts, 0 giants, - throttles, 0 CRC - frame, - overruns, 0 aborts, - ignored, - parity errors Output(total): 151 packets, 14501 bytes 89 broadcasts, 50 multicasts, 0 pauses Output(normal): - packets, - bytes - broadcasts, - multicasts, - pauses Output: 0 output errors, - underruns, - buffer failures 0 aborts, 0 deferred, 0 collisions, 0 late collisions 0 lost carrier, - no carrier [5500G-EI]display port-security interface GigabitEthernet 7/0/40 GigabitEthernet7/0/40 is link-down Port mode is noRestriction NeedtoKnow mode is disabled Intrusion mode is no action Max mac-address num is not configured Stored mac-address num is 0 Authorization is permit With the options offered by you the stand too has not earned BTW: There is no need to add and use TMT802, freeradius already comes with all what you need here: Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-ID = ... Best regards, Krzysztof Olędzki Best regards. Gennadii Redko - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Ivan Kalik wrote: Did you put use-tunneled-reply=yes in peap config? I also can't see freeradius config files. Ivan Kalik Kalik Informatika ISP Hi, Ivan. This option too has not helped. Regards. Gennadii. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Krzysztof Olędzki wrote: OK, we absolutely need some more info: - display vlan - display vlan ... (2?) - display interface ... (G7/0/40?) - display port-security interface ... (G7/0/40) Hi,Krzysztof Viktor Guk wrote: skip All too most, only with the letter G. [5500G-EI]disp vlan The following VLANs exist: 1(default), 2 [5500G-EI]disp vlan 2 VLAN ID: 2 VLAN Type: static Route Interface: not configured Description: vlan2 Name: vlan2 Tagged Ports: none Untagged Ports: GigabitEthernet7/0/39GigabitEthernet7/0/47 [5500G-EI]display interface GigabitEthernet 7/0/40 GigabitEthernet7/0/40 current state : DOWN IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 001a-c147-8e68 Media type is twisted pair, loopback not set Port hardware type is 1000_BASE_T Unknown-speed mode, unknown-duplex mode Link speed type is autonegotiation, link duplex type is autonegotiation Flow-control is not enabled The Maximum Frame Length is 1522 Broadcast MAX-pps: 3000 Unicast MAX-ratio: 100% Multicast MAX-ratio: 100% Forbid jumbo frame to pass PVID: 1 Mdi type: auto Port link-type: access Tagged VLAN ID : none Untagged VLAN ID : 1 Last 300 seconds input: 0 packets/sec 7 bytes/sec Last 300 seconds output: 0 packets/sec 48 bytes/sec Input(total): 23 packets, 2240 bytes 2 broadcasts, 12 multicasts, 0 pauses Input(normal): - packets, - bytes - broadcasts, - multicasts, - pauses Input: 0 input errors, 0 runts, 0 giants, - throttles, 0 CRC - frame, - overruns, 0 aborts, - ignored, - parity errors Output(total): 151 packets, 14501 bytes 89 broadcasts, 50 multicasts, 0 pauses Output(normal): - packets, - bytes - broadcasts, - multicasts, - pauses Output: 0 output errors, - underruns, - buffer failures 0 aborts, 0 deferred, 0 collisions, 0 late collisions 0 lost carrier, - no carrier [5500G-EI]display port-security interface GigabitEthernet 7/0/40 GigabitEthernet7/0/40 is link-down Port mode is noRestriction NeedtoKnow mode is disabled Intrusion mode is no action Max mac-address num is not configured Stored mac-address num is 0 Authorization is permit With the options offered by you the stand too has not earned BTW: There is no need to add and use TMT802, freeradius already comes with all what you need here: Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-ID = ... Best regards, Krzysztof Olędzki Best regards. Gennadii Redko - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
On 2008-06-11 12:37, Gennadiy Redko wrote: CUT [5500G-EI]display interface GigabitEthernet 7/0/40 GigabitEthernet7/0/40 current state : DOWN This port is down, there is no client connected nor authorized/authenticated. CUT [5500G-EI]display port-security interface GigabitEthernet 7/0/40 GigabitEthernet7/0/40 is link-down Port mode is noRestriction noRestriction? port-security port-mode userlogin-secure? Best regards, Krzysztof Olędzki - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Did you put use-tunneled-reply=yes in peap config? I also can't see freeradius config files. Ivan Kalik Kalik Informatika ISP Dana 10/6/2008, Krzysztof Olędzki [EMAIL PROTECTED] piše: Sorry! We changed use_tunneled_reply = yes in other file of сonfig freeradius. After they found where necessarily correctly everything it earned(eap.conf). By all large thanks for help!!! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Have the Tunnel attributes appeared now in the Access-Accept? If they have, that's all radius server can do. If the switch doesn't understand tunnel attributes ... Ivan Kalik Kalik Informatika ISP Dana 11/6/2008, Gennadiy Redko [EMAIL PROTECTED] piše: Ivan Kalik wrote: Did you put use-tunneled-reply=yes in peap config? I also can't see freeradius config files. Ivan Kalik Kalik Informatika ISP Hi, Ivan. This option too has not helped. Regards. Gennadii. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Sorry, my mistake. Missed the SHIFT while typing. Ivan Kalik Kalik Informatika ISP Dana 11/6/2008, Guk Viktor [EMAIL PROTECTED] piše: Did you put use-tunneled-reply=yes in peap config? I also can't see freeradius config files. Ivan Kalik Kalik Informatika ISP Dana 10/6/2008, Krzysztof OlÄdzki [EMAIL PROTECTED] piĹĄe: Sorry! We changed use_tunneled_reply = yes in other file of Ńonfig freeradius. After they found where necessarily correctly everything it earned(eap.conf). By all large thanks for help!!! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Ivan Kalik ?: Have the Tunnel attributes appeared now in the Access-Accept? If they have, that's all radius server can do. If the switch doesn't understand tunnel attributes ... Yes. Now tunnel attributes began to be appeared. We with Victor shall lay out working configs and we shall close bugreport. Thanks for the help. Best regards Gennadii Redko. Ivan Kalik Kalik Informatika ISP Dana 11/6/2008, Gennadiy Redko [EMAIL PROTECTED] piše: Ivan Kalik wrote: Did you put use-tunneled-reply=yes in peap config? I also can't see freeradius config files. Ivan Kalik Kalik Informatika ISP Hi, Ivan. This option too has not helped. Regards. Gennadii. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Krzysztof Olędzki ?: I guess it works because it is properly configured. 3Com may also work if you setup it with (a blind guess): domain (...) vlan-assignment-mode string accounting optional It is updated firmware up to V3.03.01s56e. The config under your recommendations is changed. Does not work. Regards. Gennadii. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
On 2008-06-10 14:45, Gennadiy Redko wrote: Krzysztof Olędzki ?: I guess it works because it is properly configured. 3Com may also work if you setup it with (a blind guess): domain (...) vlan-assignment-mode string accounting optional It is updated firmware up to V3.03.01s56e. Any reason you did not select a s168 version? The config under your recommendations is changed. Does not work. OK, we absolutely need some more info: - display vlan - display vlan ... (2?) - display interface ... (G7/0/40?) - display port-security interface ... (G7/0/40) BTW: There is no need to add and use TMT802, freeradius already comes with all what you need here: Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-ID = ... Best regards, Krzysztof Olędzki - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Krzysztof Olędzki пишет: On 2008-06-10 14:45, Gennadiy Redko wrote: Krzysztof Olędzki ?: I guess it works because it is properly configured. 3Com may also work if you setup it with (a blind guess): domain (...) vlan-assignment-mode string accounting optional It is updated firmware up to V3.03.01s56e. Any reason you did not select a s168 version? We do not apply encrypting. Though I too would choose a variant with a long key. Probably my colleague - the minimalist... The config under your recommendations is changed. Does not work. OK, we absolutely need some more info: - display vlan - display vlan ... (2?) - display interface ... (G7/0/40?) - display port-security interface ... (G7/0/40) I have opened bugreport: http://bugs.freeradius.org/show_bug.cgi?id=563 Here the reference to a full config of the switch: http://bugs.freeradius.org/showattachment.cgi?attach_id=267 BTW: There is no need to add and use TMT802, freeradius already comes with all what you need here: Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-ID = ... Tomorrow my colleague will try to apply your remarks and I shall inform result. We can give real IP to a stand, for acceleration of debugging Best regards. Gennadii Best regards, Krzysztof Olędzki - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
On 2008-06-10 16:51, Gennadiy Redko wrote: Krzysztof Olędzki пишет: On 2008-06-10 14:45, Gennadiy Redko wrote: Krzysztof Olędzki ?: I guess it works because it is properly configured. 3Com may also work if you setup it with (a blind guess): domain (...) vlan-assignment-mode string accounting optional It is updated firmware up to V3.03.01s56e. Any reason you did not select a s168 version? We do not apply encrypting. Though I too would choose a variant with a long key. Probably my colleague - the minimalist... The config under your recommendations is changed. Does not work. OK, we absolutely need some more info: - display vlan - display vlan ... (2?) - display interface ... (G7/0/40?) - display port-security interface ... (G7/0/40) I have opened bugreport: http://bugs.freeradius.org/show_bug.cgi?id=563 Here the reference to a full config of the switch: http://bugs.freeradius.org/showattachment.cgi?attach_id=267 I'm not able to locate the output of above commands there. Best regards, Krzysztof Olędzki - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Krzysztof Olędzki пишет: I'm not able to locate the output of above commands there. Similar, that this config for the switch 5500 without G. I'm sorry. Tomorrow we shall understand. Regards. Gennadii. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Did you put use-tunneled-reply=yes in peap config? I also can't see freeradius config files. Ivan Kalik Kalik Informatika ISP Dana 10/6/2008, Krzysztof Olędzki [EMAIL PROTECTED] piše: On 2008-06-10 16:51, Gennadiy Redko wrote: Krzysztof OlÄ#65533;dzki пиŃ#65533;ĐľŃ#65533;: On 2008-06-10 14:45, Gennadiy Redko wrote: Krzysztof OlÄ#65533;dzki ?: I guess it works because it is properly configured. 3Com may also work if you setup it with (a blind guess): domain (...) vlan-assignment-mode string accounting optional It is updated firmware up to V3.03.01s56e. Any reason you did not select a s168 version? We do not apply encrypting. Though I too would choose a variant with a long key. Probably my colleague - the minimalist... The config under your recommendations is changed. Does not work. OK, we absolutely need some more info: - display vlan - display vlan ... (2?) - display interface ... (G7/0/40?) - display port-security interface ... (G7/0/40) I have opened bugreport: http://bugs.freeradius.org/show_bug.cgi?id=563 Here the reference to a full config of the switch: http://bugs.freeradius.org/showattachment.cgi?attach_id=267 I'm not able to locate the output of above commands there. Best regards, Krzysztof OlÄ#65533;dzki - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
On 2008-06-10 17:33, Gennadiy Redko wrote: Krzysztof Olędzki пишет: I'm not able to locate the output of above commands there. Similar, that this config for the switch 5500 without G. I'm sorry. Tomorrow we shall understand. I'm not asking for configs here but for an output of some quite important diagnostic commands. Best regards, Krzysztof Olędzki - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Krzysztof Olędzki пишет: On 2008-06-10 17:33, Gennadiy Redko wrote: Krzysztof Olędzki пишет: I'm not able to locate the output of above commands there. Similar, that this config for the switch 5500 without G. I'm sorry. Tomorrow we shall understand. I'm not asking for configs here but for an output of some quite important diagnostic commands. Unfortunately I already have left work. I can enter commands only tomorrow. Regards. Gennadii. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Ivan Kalik ?: Did you put use-tunneled-reply=yes in peap config? I also can't see Maybe *use_tunneled_reply=yes* ? freeradius config files. Has loaded once again. http://bugs.freeradius.org/showattachment.cgi?attach_id=276 It's .ZIP file with a name raddb.zip - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Hi,all. I wish to dispose authorization on the switch with the dynamic isolation VID on the port on the protocol of 802.1x on RADIUS Server. Stand: the switch of 3Com 5500-EI (Software Of version of 3Com OS Of v3.02.03s56), computer from OS Windows XP (SP2), RHEL 5 update 1, freeradius-1.1.3-1.2.el5,kernel 2.6.18-53.el5 #1 SMP. Technical support of the 3Com has advised to use here this document for adjustment: http://www.3com.com/products/en_US/result.jsp?selected=2sort=effdtorder=descsku=3CR17250-91 DUA1725-0BAA02.pdf , page 415 The authorization to FreeRadius is passed at the given moment, but to port is not allotted necessary VID. FreeRADIUS does not support 3Com switches ? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Gennadiy Redko wrote: The authorization to FreeRadius is passed at the given moment, but to port is not allotted necessary VID. The 3com switch is broken. FreeRADIUS does not support 3Com switches ? FreeRADIUS is sending the attributes that the 3com documentation says is necessary. The 3com switch is responsible for interpreting those attributes, and following it's documented behavior. No, FreeRADIUS is not broken. The switch is broken, or the documentation doesn't match the switch behavior. FreeRADIUS is fine. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Alan DeKok ?: Gennadiy Redko wrote: The authorization to FreeRadius is passed at the given moment, but to port is not allotted necessary VID. The 3com switch is broken. Hardly I have six new switch on a choice. FreeRADIUS does not support 3Com switches ? FreeRADIUS is sending the attributes that the 3com documentation says is necessary. The 3com switch is responsible for interpreting those attributes, and following it's documented behavior. No, FreeRADIUS is not broken. The switch is broken, or the documentation doesn't match the switch behavior. It is clear. Whether it is possible to check up somehow a management on adjustment for presence of mistakes? Technical support 3Com wishes to show, that I somewhere have incorrectly adjusted FreeRADIUS. But at same stand Cisco 2970 - works. Here last answer of technical support 3Com: Dear Sir, Thank you for enquiring about 3Com Professional Services. We have reviewed your current situation and feel that at this time the best course of action is for you to engage a local, independent Linux expert who can make further investigations and then liaise with our own 3Com Level 2 or Level 3 Technical support divisions on resolution. Kind regards Lee. Lee Newman EMEA Service Sales Manager 3Com Global Services FreeRADIUS is fine. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Gennadiy Redko wrote: It is clear. Whether it is possible to check up somehow a management on adjustment for presence of mistakes? Technical support 3Com wishes to I shall ask in another way: Whether there are working FreeRADIUS config files for 3Com 5500G-EI? Let for other type of authorization. If only it was not local type of authorization. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Gennadiy Redko wrote: Alan DeKok ?: The 3com switch is broken. Hardly I have six new switch on a choice. shrug You're the one who said the switch isn't behaving as documented. It is clear. Whether it is possible to check up somehow a management on adjustment for presence of mistakes? Technical support 3Com wishes to show, that I somewhere have incorrectly adjusted FreeRADIUS. Send them a packet trace generated from wireshark. It will be normal RADIUS. Then ask them why their switch doesn't do RADIUS, or why it doesn't behave as documented. But at same stand Cisco 2970 - works. See? Cisco works. Tell 3com that the Cisco engineers know what they're doing. Here last answer of technical support 3Com: ... We have reviewed your current situation and feel that at this time the best course of action is for you to engage a local, independent Linux expert who can make further investigations and then liaise with our own 3Com Level 2 or Level 3 Technical support divisions on resolution. That's not a nice response. This has nothing to do with Linux. They are simply refusing to support their equipment I suggest buying equipment that works (like the Cisco box), or telling 3com that you don't care *why* their switch doesn't behave as documented you just want the switch fixed. If they won't fix it, return the switch, and demand that your money (including support fees) is refunded. Tell them that FreeRADIUS is the #1 RADIUS server on the planet, and that it's defining the new RADIUS standards. i.e. FreeRADIUS is pretty much the de-facto standard RADIUS implementation. Anything that doesn't work with FreeRADIUS is buggy. If they don't like that, submit a bug on freeradius.org saying that 3com is broken. Anyone else trying to buy their equipment will discover that it doesn't work, and will go to another vendor. Intel tried this a few years back, when one of their access points failed to implement RADIUS properly. They eventually fixed their software, but they started off by claiming that FreeRADIUS wasn't compatible with their equipment. That kind of response is usually from a low-level support flunky who can barely spell RADIUS. They use any excuse to claim that they don't have to give you the support that you paid for. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Gennadiy Redko wrote: Gennadiy Redko wrote: It is clear. Whether it is possible to check up somehow a management on adjustment for presence of mistakes? Technical support 3Com wishes to I shall ask in another way: Whether there are working FreeRADIUS config files for 3Com 5500G-EI? No. No such configuration exists, because there should be nothing special about that switch. That is, FreeRADIUS doesn't include sample configurations for every possible configuration of every possible software version of every possible switch. Let for other type of authorization. If only it was not local type of authorization. I have no idea what that means. This is just RADIUS. There's nothing magic. If you send something to a Cisco switch, and it does what you want, then the Cisco switch works. if you send something to the 3com switch, and it doesn't do what you want, it's broken. Especially if the 3com documentation tells you what to send... and you're sending what the documentation says. It's time to stop arguing. Stop trying to figure out ways around it. It's not a FreeRADIUS problem. It's a 3com problem. The ONLY way you can show it's a FreeRADIUS problem is by showing that the packets produced by FreeRADIUS violate the RADIUS specifications. That doesn't happen... I note in all of this that you've been very careful to NOT describe what the 3com documentation says is necessary... and you've been careful to NOT describe what you've configured FreeRADIUS to send. if the two are different... there's not much I can say. If the two are identical, then the switch or documentation is broken. Can I please convince you to stop arguing, and believe that the switch or documentation is broken? Go fight with the 3com support people. They're the ones who have sold you a broken product, and are refusing to support it. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
On 2008-06-09 15:34, Gennadiy Redko wrote: Hi,all. I wish to dispose authorization on the switch with the dynamic isolation VID on the port on the protocol of 802.1x on RADIUS Server. Stand: the switch of 3Com 5500-EI 5500-EI or 5500G-EI? (Software Of version of 3Com OS Of v3.02.03s56) Too old and quite buggy with respect to radius handling. The authorization to FreeRadius is passed at the given moment, but to port is not allotted necessary VID. FreeRADIUS does not support 3Com switches ? Yep, without any problems. Best regards, Krzysztof Olędzki - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Krzysztof Ole;dzki ?: (Software Of version of 3Com OS Of v3.02.03s56) Too old and quite buggy with respect to radius handling. Really... The authorization to FreeRadius is passed at the given moment, but to port is not allotted necessary VID. FreeRADIUS does not support 3Com switches ? Yep, without any problems. And it is possible to see your configs? Best regards, Krzysztof Ole;dzki - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Krzysztof Olędzki ?: I guess it works because it is properly configured. 3Com may also work if you setup it with (a blind guess): domain (...) vlan-assignment-mode string accounting optional Thanks for advice. And it is possible to see your configs? Regards Gennadii Redko. Best regards, Krzysztof Olędzki - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Whether the FreeRADIUS supports switch 3Com 5500G-EI ?
Alan DeKok ?: If they don't like that, submit a bug on freeradius.org saying that 3com is broken. Anyone else trying to buy their equipment will discover that it doesn't work, and will go to another vendor. Whether I do not know correctly has acted, but I have followed your advice: http://bugs.freeradius.org/show_bug.cgi?id=563 Thanks :) Gennadii Redko. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
