Re: Dynamic VLAN assignment depending on LDAP user group and MAC address

2013-10-14 Thread Matthew Newton
On Fri, Oct 11, 2013 at 05:41:07PM +0100, Fabrizio Vecchi wrote: As you can see, the device wasn't listed in the file, the authentication went fine, saying that the tunnel that I should get has ID 40, but that wasn't overwritten by the authorized_macs check... Add DEFAULT Auth-Type := Reject

Re: Dynamic VLAN assignment depending on LDAP user group and MAC address

2013-10-14 Thread Matthew Newton
On Mon, Oct 14, 2013 at 10:40:19AM +0100, Matthew Newton wrote: On Fri, Oct 11, 2013 at 05:41:07PM +0100, Fabrizio Vecchi wrote: As you can see, the device wasn't listed in the file, the authentication went fine, saying that the tunnel that I should get has ID 40, but that wasn't

Re: Dynamic VLAN assignment depending on LDAP user group and MAC address

2013-10-12 Thread Alan DeKok
Fabrizio Vecchi wrote: First of all, sorry if my email is very long, I am just trying not to leave any important details out. :) That's good. So far, I managed to do the dynamic VLAN assignment, but cannot seem to get it to work together with the MAC checking. The key thing to remember

Re: Dynamic VLAN assignment depending on LDAP user group and MAC address

2013-10-12 Thread Fabrizio Vecchi
Hi Alan and thanks for the reply. On 12 October 2013 13:42, Alan DeKok al...@deployingradius.com wrote: So far, I managed to do the dynamic VLAN assignment, but cannot seem to get it to work together with the MAC checking. Get them working independently. Then, put the pieces together

Re: Dynamic VLAN assignment depending on LDAP user group and MAC address

2013-10-12 Thread Alan DeKok
Fabrizio Vecchi wrote: I guess at the end of the day my question boils down to the following: where should I put the MAC check, so that the user gets assigned to the right VLAN? In post-auth. If I put it in the authorize part of sites-enabled/default, the VLAN update request will get

Dynamic VLAN assignment depending on LDAP user group and MAC address

2013-10-11 Thread Fabrizio Vecchi
to take care of users who connect to our network with their own devices, on which we don't have control and that could spread all sorts of malware in the internal network. So far, I managed to do the dynamic VLAN assignment, but cannot seem to get it to work together with the MAC checking. I can get

Wifi APs Models compatible with by username dynamic vlan assignment

2013-10-03 Thread matthew pideil
Hello, I want to perform dynamic VLAN assignment by username through wifi access. I set up this configuration some time ago but it didn't work. I want to know which WiFi APs are compatible and/or what is the term to search for in devices specifications ... Regards, -- Matthew Pideil - List info

Re: Wifi APs Models compatible with by username dynamic vlan assignment

2013-10-03 Thread Arran Cudbard-Bell
On 3 Oct 2013, at 10:57, matthew pideil matthew.pid...@teledetection.fr wrote: Hello, I want to perform dynamic VLAN assignment by username through wifi access. I set up this configuration some time ago but it didn't work. I want to know which WiFi APs are compatible and/or what is the term

Re: Dynamic vlan assignment

2013-07-20 Thread Martin Kraus
On Fri, Jul 19, 2013 at 06:03:31PM +0200, Dario Palmisano wrote: •RADIUS-assigned VLANs are not supported when you enable multiple BSSIDs. So it seems not to be related to the IOS version, is it? Is there any way to overcome this somehow, if not... Do you actually need multiple bssids?

Dynamic vlan assignment

2013-07-19 Thread Dario Palmisano
Hello Everybody, I am configuring my freeradius to be integrated in the EDUROAM federation. It works when the VLAN (as configured in the accesspoint) is statically assigned. Now I would like to implement a dynamic vlan assignment on a per user basis; in this case the Macintosh I am using

Re: Dynamic vlan assignment

2013-07-19 Thread Arran Cudbard-Bell
a dynamic vlan assignment on a per user basis; in this case the Macintosh I am using for test gets authenticated but is not able to get the ip address from DHCP (it shows as 169.254.120.248), so remaining isolated. I carefully followed instructions (regarding the accesspoint and freeradius

Re: Dynamic vlan assignment

2013-07-19 Thread A . L . M . Buxey
Hi, I am configuring my freeradius to be integrated in the EDUROAM federation. It works when the VLAN (as configured in the accesspoint) is statically assigned. there are hundreds of sites using this sort of configuration for eduroam - so it's perfectly possible and fine (and standard!) so

Re: Dynamic vlan assignment

2013-07-19 Thread Dario Palmisano
) is statically assigned. Now I would like to implement a dynamic vlan assignment on a per user basis; in this case the Macintosh I am using for test gets authenticated but is not able to get the ip address from DHCP (it shows as 169.254.120.248), so remaining isolated. I carefully followed

Re: Dynamic vlan assignment

2013-07-19 Thread Dario Palmisano
You are right, I know! On Friday 19 July 2013 15:52:43 a.l.m.bu...@lboro.ac.uk wrote: Hi, I am configuring my freeradius to be integrated in the EDUROAM federation. It works when the VLAN (as configured in the accesspoint) is statically assigned. there are hundreds of sites using this

Re: Dynamic vlan assignment

2013-07-19 Thread Arran Cudbard-Bell
federation. It works when the VLAN (as configured in the accesspoint) is statically assigned. Now I would like to implement a dynamic vlan assignment on a per user basis; in this case the Macintosh I am using for test gets authenticated but is not able to get the ip address from DHCP (it shows

Re: Dynamic vlan assignment

2013-07-19 Thread A . L . M . Buxey
Hi, The specific configuration works fine I remove the following line from users file: Tunnel-Type := VLAN, Tunnel-Medium-Type := IEEE-802, Tunnel-Private-Group-ID := 218 Tunnel-Type = VLAN, Tunnel-Medium-Type = IEEE-802, Tunnel-Private-Group-ID = 218

Re: Dynamic vlan assignment

2013-07-19 Thread A . L . M . Buxey
Hi, Here you can download the (almost complete) debug log. Near the end I added a text to make evident when I disconnected. http://webshare.icgeb.org//data/public/ce2e2ee9fbd84c362fd49b10805b36c8.php?lang=en please don't ask me to visit random web sites that require me to click on things

Re: Dynamic vlan assignment

2013-07-19 Thread Dario Palmisano
am configuring my freeradius to be integrated in the EDUROAM federation. It works when the VLAN (as configured in the accesspoint) is statically assigned. Now I would like to implement a dynamic vlan assignment on a per user basis; in this case the Macintosh I am using for test gets

Re: Dynamic vlan assignment

2013-07-19 Thread Dario Palmisano
On Friday 19 July 2013 16:54:13 a.l.m.bu...@lboro.ac.uk wrote: Hi, The specific configuration works fine I remove the following line from users file: Tunnel-Type := VLAN, Tunnel-Medium-Type := IEEE-802, Tunnel-Private-Group-ID := 218 Tunnel-Type = VLAN,

Re: Dynamic vlan assignment

2013-07-19 Thread Martin Kraus
On Fri, Jul 19, 2013 at 04:20:51PM +0200, Dario Palmisano wrote: is this a 'fat/autonomous' AP? if so, then only latest firmware can handle multiple VLANS per 802.1X SSID with multiple BSSIDs present. This could be the problem, I found something in the Cisco documentation but was unsure

Re: Dynamic vlan assignment

2013-07-19 Thread Dario Palmisano
At the end, thanks to the list suggestions I found in the cisco docs the sentence: Keep these guidelines in mind when configuring multiple BSSIDs: •RADIUS-assigned VLANs are not supported when you enable multiple BSSIDs. So it seems not to be related to the IOS version, is it? Is there any

Re: Dynamic vlan assignment

2013-07-19 Thread Alan Buxey
I'm sure there was some late in the day ios updates for 1130 series AP this stuff works with capwap/lwapp 1131 anyway, if MBSSID is not supported with dynamic vlan assignment so don't use mbssid, use guest mode instead. alan - List info/subscribe/unsubscribe? See http

Re: Dynamic vlan assignment with ldap groups

2013-07-16 Thread val john
Hi guys I had to also set the *use_tunneled_reply=yes* in the eap.conf to get the Dynamic vlan assignment to work On 12 July 2013 19:42, val john valjohn1...@gmail.com wrote: Hi guys , Small question , do i need to import radius ldap schema ( items like radiusprofiles ) to our ldap

Dynamic vlan assignment with ldap groups

2013-07-12 Thread val john
Hi guys, i have a freeradius setup that works with ldap group authentication, i also need to configure the dynamic VLAN assignment, so i configured the users file as follows, DEFAULT Ldap-Group == cn=staff,ou=groups,dc=ldap,dc=example,dc=com Tunnel-Type = VLAN, Tunnel-Medium

Re: Dynamic vlan assignment with ldap groups

2013-07-12 Thread Arran Cudbard-Bell
On 12 Jul 2013, at 13:57, val john valjohn1...@gmail.com wrote: Hi guys, i have a freeradius setup that works with ldap group authentication, i also need to configure the dynamic VLAN assignment, so i configured the users file as follows, DEFAULT Ldap-Group == cn=staff,ou=groups

Re: Dynamic vlan assignment with ldap groups

2013-07-12 Thread val john
...@gmail.com wrote: Hi guys, i have a freeradius setup that works with ldap group authentication, i also need to configure the dynamic VLAN assignment, so i configured the users file as follows, DEFAULT Ldap-Group == cn=staff,ou=groups,dc=ldap,dc=example,dc=com Tunnel-Type = VLAN

Re: Active Directory + LDAP + groups for dynamic VLAN assignment

2013-01-10 Thread Michael Schwartzkopff
On Wednesday, 9 January 2013, 16:51:22, Matthew Ceroni wrote: Hi: I am using FreeRadius version 2.1.12 on CentOS6. I am authenticating against Active Directory (that works). And authorizing against LDAP (that works as well). I am trying to return attributes, used for VLAN assignment,

Active Directory + LDAP + groups for dynamic VLAN assignment

2013-01-09 Thread Matthew Ceroni
Hi: I am using FreeRadius version 2.1.12 on CentOS6. I am authenticating against Active Directory (that works). And authorizing against LDAP (that works as well). I am trying to return attributes, used for VLAN assignment, based on the usersDN. In my /etc/raddb/sites-enabled/default (and

LDAP Groups and Dynamic VLAN assignment

2011-07-27 Thread stich86
out of this problem :( Is it possible to do this configuration in conjunction with redundant ldap configuration?? thanks! -- View this message in context: http://freeradius.1045715.n5.nabble.com/LDAP-Groups-and-Dynamic-VLAN-assignment-tp4639157p4639157.html Sent from the FreeRadius - User

Re: LDAP Groups and Dynamic VLAN assignment

2011-07-27 Thread Alexander Clouter
stich86 stic...@gmail.com wrote: there is a possibility to get Tunnel-Private-Group-ID and others from the LDAP groups and not users file? i've read many times docs/rlm_ldap but can't get out of this problem :( Next time, try the freeradius-users@ archive too (true of *any* mailing list)?

Re: dynamic VLAN assignment w/ mschapv2 against AD and LDAP

2011-01-25 Thread Alexander Clouter
schilling schilling2...@gmail.com wrote: Thanks a lot. More questions. If you want to lower the load (and authentication latency) on your AD servers then you might want to look at the following too: http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg65781.html First

Re: dynamic VLAN assignment w/ mschapv2 against AD and LDAP

2011-01-25 Thread schilling
I believe I resolved this. I used eapol_test to get all wanted result, and will try on real NAS later on. The following is what I did. Basically I followed Alexander's example, Modified peap section in eap.conf to use another virtual server auth instead of inner-tunnel virtual server. I almost

Re: dynamic VLAN assignment w/ mschapv2 against AD and LDAP

2011-01-24 Thread schilling
Hi Alexander, I am trying to play with your configuration, basically I have a virtual server called auth as your example, and modified my eap.conf for peap to use auth. what's the config:local.MY.realm? My debug showed [suffix] Looking up realm foo.edu for User-Name = sd...@foo.edu^M [suffix]

Re: dynamic VLAN assignment w/ mschapv2 against AD and LDAP

2011-01-24 Thread Phil Mayers
On 01/24/2011 08:35 PM, schilling wrote: Hi Alexander, I am trying to play with your configuration, basically I have a virtual server called auth as your example, and modified my eap.conf for peap to use auth. what's the config:local.MY.realm? My debug showed FreeRadius lets you write *any*

Re: dynamic VLAN assignment w/ mschapv2 against AD and LDAP

2011-01-24 Thread Alexander Clouter
schilling schilling2...@gmail.com wrote: I am trying to play with your configuration, basically I have a virtual server called auth as your example, and modified my eap.conf for peap to use auth. what's the config:local.MY.realm? My debug showed Phil pretty much covered it (and in a neater

Re: dynamic VLAN assignment w/ mschapv2 against AD and LDAP

2011-01-24 Thread schilling
Thanks a lot. More questions. If you want to lower the load (and authentication latency) on your AD servers then you might want to look at the following too: http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg65781.html I am trying to follow your comment on this. I now

Re: dynamic VLAN assignment w/ mschapv2 against AD and LDAP

2011-01-22 Thread schilling
I have the following questions for using perl though. Since I already use LDAP or ntlm_auth for inner-tunnel mschapv0 authentication. Will there be any flag set so I can know whether LDAP or ntlm_auth is using for mschapv0 authentication in perl script? Also if I need to check ldap/AD for certain

Re: dynamic VLAN assignment w/ mschapv2 against AD and LDAP

2011-01-21 Thread Alexander Clouter
schilling schilling2...@gmail.com wrote: Where should I put the perl script? I already have a perl module for another virtual server to use radscript. I also tried unlang in post-auth, like if ( %{User-Name} =~ /\@/ fooEmployeeStatus =~ /active/i ) { update outer.reply {

dynamic VLAN assignment w/ mschapv2 against AD and LDAP

2011-01-20 Thread schilling
Hi All, The group helped me configure the freeradius server to do mschapv2 against ldap w/ ntPassword if user sign on with usern...@foo.edu, and to do mschapv2 against AD w/ ntlm if user just sign on with username. Now I want to go one more step further - passing on some attributes back to NAS.

Re: dynamic VLAN assignment w/ mschapv2 against AD and LDAP

2011-01-20 Thread Alan DeKok
schilling wrote: Basically, I want to achieve If (ldap authorization) { if (ldap.employeeStatus = facstaff) { REPLY{'Service-Type'}= Framed-User; REPLY{'Tunnel-Type'} = VLAN; REPLY{'Tunnel-Medium-Type'} = IEEE-802;

Re: dynamic VLAN assignment w/ mschapv2 against AD and LDAP

2011-01-20 Thread schilling
Where should I put the perl script? I already have a perl module for another virtual server to use radscript. I also tried unlang in post-auth, like if ( %{User-Name} =~ /\@/ fooEmployeeStatus =~ /active/i ) { update outer.reply { Service-Type =

Re: dynamic VLAN assignment w/ mschapv2 against AD and LDAP

2011-01-20 Thread Alan Buxey
Hi, Where should I put the perl script? I already have a perl module for another virtual server to use radscript. I also tried unlang in post-auth, like if ( %{User-Name} =~ /\@/ fooEmployeeStatus =~ /active/i ) { update outer.reply {

Dynamic VLAN assignment on NAS

2010-11-18 Thread Attou eric
Hi the list I'm sure this is NAS question, not Freeradius' question. But perhaps somebody on the list had experienced this issue. Here is my problem. I setup : - A Freeradius configuration EAP/PEAP with user credentials stored in LDAP directory. - A NAS zcomax ag3621 wireless access

Re: Dynamic VLAN assignment on NAS

2010-11-18 Thread Alan DeKok
Attou eric wrote: The access point just put user1 on VLAN 30. My NAS ignore the VLAN ID 60 (Tunnel-Private-Group-Id:0 = 60) Then the NAS is broken. contained in the Access-Accept. I try with two different models of Access point (zcomax and cisco) My question: Is there a particular

Dynamic VLAN Assignment based on a certificate, not a user.

2010-11-01 Thread Бисер Миланов
Hello! Some time ago Alan mentioned that the new 2.1.10 version will support such a thing. However, I can't seem to find it in the docs. Can anyone shed some light on how that can be done with the new functionality? - See

Re: Dynamic VLAN Assignment based on a certificate, not a user.

2010-11-01 Thread Alan DeKok
Бисер Миланов wrote: Hello! Some time ago Alan mentioned that the new 2.1.10 version will support such a thing. However, I can't seem to find it in the docs. Can anyone shed some light on how that can be done with the new functionality? Read the ChangeLog. There are new attributes which

Re: problems with dynamic vlan assignment

2010-09-16 Thread Phil Mayers
[ldap] expand: dc=int-evry,dc=fr - dc=int-evry,dc=fr [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] attempting LDAP reconnection [ldap] (re)connect to ldapdev.int-evry.fr:389, authentication 0 [ldap] bind as cn=admin,dc=int-evry,dc=fr/admldap

Re: problems with dynamic vlan assignment

2010-09-16 Thread Eric Doutreleau
thanks for your reply here what i did in the ldap.attrmap i put checkItem User-Category eduPersonPrimaryAffiliation in the user file i did DEFAULT Tunnel-Type := VLAN, Tunnel-Medium-Type := IEEE-802, Tunnel-Private-Group-Id = 901, Fall-Through = Yes

Re: problems with dynamic vlan assignment

2010-09-16 Thread Eric Doutreleau
Hi alexander On 16/09/2010 00:31, Alexander Clouter wrote: Remember that the 'inner-auth' virtual server is a *unique* instance to your outer layer so 'User-Category' might be defined but only on the outside whilst it looks like you are calling 'files' *inside*. Cheers Well I understand

Re: problems with dynamic vlan assignment

2010-09-16 Thread Eric Doutreleau
well i thought i have found the answer i'm not sure if it's the right way to do in the section of peap of the eap file i had use_tunneled_reply = yes On 16/09/2010 13:22, Eric Doutreleau wrote: Hi alexander On 16/09/2010 00:31, Alexander Clouter wrote: Remember that the 'inner-auth'

Re: problems with dynamic vlan assignment

2010-09-16 Thread Phil Mayers
On 16/09/10 10:16, Eric Doutreleau wrote: thanks for your reply here what i did in the ldap.attrmap i put checkItem User-Category eduPersonPrimaryAffiliation checkItem means put the attribute into the check/config items list. Looking at the source code, I see that rlm_ldap can't

Re: problems with dynamic vlan assignment

2010-09-16 Thread Eric Doutreleau
On 16/09/2010 15:34, Phil Mayers wrote: On 16/09/10 10:16, Eric Doutreleau wrote: thanks for your reply here what i did in the ldap.attrmap i put checkItem User-Category eduPersonPrimaryAffiliation checkItem means put the attribute into the check/config items list. Looking at the

Re: problems with dynamic vlan assignment

2010-09-15 Thread Alan Buxey
Hi, vlan assignment based on vlan. here what i have in my users file DEFAULT User-Category == student Reply-Message = Your a member of the student Group, Tunnel-Type = VLAN, Tunnel-Medium-Type = IEEE-802, Tunnel-Private-Group-Id = 902,

Re: problems with dynamic vlan assignment

2010-09-15 Thread Alexander Clouter
Eric Doutreleau eric.doutrel...@it-sudparis.eu wrote: i'm using freeradius 2.1.9 and i have some problems with making dynamic vlan assignment based on vlan. here what i have in my users file DEFAULT User-Category == student Reply-Message = Your a member of the student Group

RE: Dynamic VLAN assignment works on EAP-MD5, but not EAP-PEAP!!!

2009-12-19 Thread tnt
Thank you very much for your help! Now it works beautifully! My next step is to integrate FreeRadius with my Windows domain to use Windows AD for authentication. I am sure I will have more questions for you guys! http://deployingradius.com/documents/configuration/active_directory.html Ivan Kalik

RE: Dynamic VLAN assignment works on EAP-MD5, but not EAP-PEAP!!!

2009-12-18 Thread Difan Zhao
:53 PM To: FreeRadius users mailing list Subject: Re: Dynamic VLAN assignment works on EAP-MD5, but not EAP-PEAP!!! I have figured out how to configure attributes. Here is my user file: test Cleartext-Password := test Tunnel-Type = 16777229, Tunnel-Medium-Type = 16777222

Re: Dynamic VLAN assignment works on EAP-MD5, but not EAP-PEAP!!!

2009-12-17 Thread tnt
I have figured out how to configure attributes. Here is my user file: test Cleartext-Password := test Tunnel-Type = 16777229, Tunnel-Medium-Type = 16777222, Tunnel-Private-Group-ID = 3 When I use MD5-Challenge, I got put in the right vlan I wanted. However

Unreliable Dynamic VLAN Assignment?

2009-09-20 Thread Palmer J.D.F.
Hi, We're having a bit of a problem with FreeRADIUS not always including VLAN information in access-accept packets; I've not been able as yet to establish what the cause is so I thought I'd throw it out to the list if there's something others have come across. Needless to say our testing through

Re: Cisco Aironet 1130ag dynamic VLAN assignment

2009-01-25 Thread tnt
The full log may be viewed at: http://dpaste.com/112610/ Also, I have posted my eap.conf here: http://dpaste.com/112615/ and radius.conf here: http://dpaste.com/112616/ and I don't think anyone would need it, but here is clients.conf as well: http://dpaste.com/112618/ You have posted

Re: Cisco Aironet 1130ag dynamic VLAN assignment

2009-01-25 Thread William Graeber
Here is the output of a client associating immediately after the server starts: http://dpaste.com/112843/ Also, I am new to IOS, and there was no debug aaa on command. If you look closely at the top of the file I previously posted, I turned on about half of the options I thought relevant to

Re: Cisco Aironet 1130ag dynamic VLAN assignment

2009-01-25 Thread Alan DeKok
William Graeber wrote: Here is the output of a client associating immediately after the server starts: http://dpaste.com/112843/ You're not assigning the attributes that tell the server to put the user into a VLAN. Are you using the *default* configuration files in 2.0.5? It looks like

Re: Cisco Aironet 1130ag dynamic VLAN assignment

2009-01-25 Thread William Graeber
I have modified eap.conf and added use_tunneled_reply = yes in the peap section. I have previously tried this, and obtained the same results. Whenever a client tries to login, they get cycled from authenticating/connecting very quickly. I've posted an example output from a radius debug:

Re: Cisco Aironet 1130ag dynamic VLAN assignment

2009-01-25 Thread tnt
I have modified eap.conf and added use_tunneled_reply = yes in the peap section. I have previously tried this, and obtained the same results. Whenever a client tries to login, they get cycled from authenticating/connecting very quickly. I've posted an example output from a radius debug:

Re: Cisco Aironet 1130ag dynamic VLAN assignment

2009-01-25 Thread William Graeber
Here is the output of Cisco debugging with use_tunneled_reply = yes: http://dpaste.com/113022/ Again, I really appreciate your help. -William On Sun, Jan 25, 2009 at 18:29, t...@kalik.net wrote: I have modified eap.conf and added use_tunneled_reply = yes in the peap section. I have previously

Re: Cisco Aironet 1130ag dynamic VLAN assignment

2009-01-25 Thread William Graeber
I may have solved my own problem - I have contradicting encryption settings for each VLAN on the Cisco access point. I was testing the setup by bumping the user from VLAN 200 (WPA-required) to VLAN 100 (open access). I'll give this a shot and post my results. -William On Sun, Jan 25, 2009 at

Re: Cisco Aironet 1130ag dynamic VLAN assignment

2009-01-25 Thread William Graeber
I have resolved the issue. I created a new VLAN with matching encryption settings to the default VLAN. Thank you all for helping! I have become much more familiar with the Cisco debugging procedure in the process. -William - List info/subscribe/unsubscribe? See

Re: Cisco Aironet 1130ag dynamic VLAN assignment

2009-01-24 Thread William Graeber
...@kalik.net wrote: I have been having trouble recently with getting dynamic VLAN assignment working on my Cisco AP. Clients are successfully authenticating with FreeRADIUS. However, they do not seem to be picking up extra attributes from the users file (below is the relevant portion of it). wgraeber

Cisco Aironet 1130ag dynamic VLAN assignment

2009-01-23 Thread William Graeber
I have been having trouble recently with getting dynamic VLAN assignment working on my Cisco AP. Clients are successfully authenticating with FreeRADIUS. However, they do not seem to be picking up extra attributes from the users file (below is the relevant portion of it). wgraeberNT

Re: Cisco Aironet 1130ag dynamic VLAN assignment

2009-01-23 Thread A . L . M . Buxey
Hi, I have been having trouble recently with getting dynamic VLAN assignment working on my Cisco AP. Clients are successfully authenticating with FreeRADIUS. However, they do not seem to be picking up extra attributes from the users file (below is the relevant portion of it). wgraeber

Re: Cisco Aironet 1130ag dynamic VLAN assignment

2009-01-23 Thread tnt
I have been having trouble recently with getting dynamic VLAN assignment working on my Cisco AP. Clients are successfully authenticating with FreeRADIUS. However, they do not seem to be picking up extra attributes from the users file (below is the relevant portion of it). wgraeberNT

Re: Cisco Aironet 1130ag dynamic VLAN assignment

2009-01-23 Thread Tom Whitehouse
Date: Fri, 23 Jan 2009 11:16:55 -0500 From: William Graeber swi...@swilly.tk Subject: Cisco Aironet 1130ag dynamic VLAN assignment To: freeradius-users@lists.freeradius.org Message-ID: 1d7de5e60901230816j64dec24dhe90883e276e48...@mail.gmail.com Content-Type: text/plain; charset=UTF-8 I

Re: Dell 6248 and Dynamic VLAN Assignment

2008-10-31 Thread Anders Holm
Talk to the vendor? Sent from my iPhone On 31 Oct 2008, at 01:20, Luke [EMAIL PROTECTED] wrote: Hi :) I'm trying to get dynamic VLAN assignment to work with my Dell 6248, which they officially support as of firmware revision 2.1.0.13. I'm using freeradius version 2.1.1 I think I'm sending

Re: Dell 6248 and Dynamic VLAN Assignment

2008-10-31 Thread tnt
Dictionary value for that Tunnel-Medium-Type is IEEE-802. Ivan Kalik Kalik Informatika ISP On 31/10/2008, Luke [EMAIL PROTECTED] wrote: Hi :) I'm trying to get dynamic VLAN assignment to work with my Dell 6248, which they officially support as of firmware revision 2.1.0.13. I'm using

Dell 6248 and Dynamic VLAN Assignment

2008-10-30 Thread Luke
Hi :) I'm trying to get dynamic VLAN assignment to work with my Dell 6248, which they officially support as of firmware revision 2.1.0.13. I'm using freeradius version 2.1.1 I think I'm sending the information the correct way from freeradius, to wit: DEFAULT Auth-Type == MS-CHAP Tunnel

Re: unlang to overcome cisco zero tag issue and for dynamic vlan assignment

2008-04-10 Thread Phil Mayers
[EMAIL PROTECTED] wrote: We'd like to setup the following: A workstation is booted, the supplicant asks for the credentials, the cisco switch passes the credentials to a freeradius server, freeradius authenticates the user to an edirectory ldap server, freeradius decides which

unlang to overcome cisco zero tag issue and for dynamic vlan assignment

2008-04-09 Thread bluelip
We'd like to setup the following: A workstation is booted, the supplicant asks for the credentials, the cisco switch passes the credentials to a freeradius server, freeradius authenticates the user to an edirectory ldap server, freeradius decides which Tunnel-Private-Group-Id to send back

Re: freeradius and cisco 3550 dynamic vlan assignment issue(authentication is working)

2007-11-08 Thread schilling
This is the catch, I swear we tried at some point, apparently, we were missing something else at that time. Now everything worked out now. Thanks all for reply. Have a nice day. Regards, shiling On Nov 7, 2007 4:49 PM, [EMAIL PROTECTED] wrote: Hi, userx Cleartext-Password := hello

Re: freeradius and cisco 3550 dynamic vlan assignment issue(authentication is working)

2007-11-07 Thread A . L . M . Buxey
Hi, We read all dynamic vlan related posts in this mailing list archive, but still can't get it to work even the authentication is working good. in your eap.conf have you set the copy to inner tunnel to be yes? on your switch, have you set the device to accept server defined VLANs? alan -

freeradius and cisco 3550 dynamic vlan assignment issue(authentication is working)

2007-11-07 Thread schilling
to authenticator, but is not in the intended VLAN(dynamic vlan assignment is not working). Any suggestion is highly appreciated. FreeRADIUS Version 1.1.7, for host i686-pc-linux-gnu DEBUG INFO TTLS: Got tunneled reply RADIUS code 2 Service-Type = Framed-User Tunnel-Type:0 = VLAN Tunnel

Re: freeradius and cisco 3550 dynamic vlan assignment issue(authentication is working)

2007-11-07 Thread schilling
On Nov 7, 2007 1:38 PM, [EMAIL PROTECTED] wrote: Hi, We read all dynamic vlan related posts in this mailing list archive, but still can't get it to work even the authentication is working good. in your eap.conf have you set the copy to inner tunnel to be yes? Are you referring to ttls {

Re: freeradius and cisco 3550 dynamic vlan assignment issue(authentication is working)

2007-11-07 Thread A . L . M . Buxey
Hi, on your switch, have you set the device to accept server defined VLANs? I believe in cisco aaa authorization network default group radius will enable switch to accept radius defined VLAN. err, no. all that does is say 'use the radius group to authorize network' you still have to

Re: freeradius and cisco 3550 dynamic vlan assignment issue(authentication is working)

2007-11-07 Thread A . L . M . Buxey
Hi, userx Cleartext-Password := hello Service-Type = Framed-User, Tunnel-Type = VLAN, Tunnel-Medium-Type = 802, Tunnel-Private-Group-ID = 552 Tunnel-Medium-Type = IEEE-802, where did you get just '802' from? alan - List info/subscribe/unsubscribe? See

EAP/PEAP, LDAP and Dynamic VLAN Assignment HOW-TO

2007-07-17 Thread Vincenzo Agosti
Hi, i would make this architecture: - authentication EAP/PEAP with MS-CHAPv2 with users in LDAP database. Better with encrypted password, but not necessary. - Every users have an attribute or something to assign it a VLAN. I have OpenLDAP and Freeradius 1.1.3, the distribution present in CentOS

RE : EAP/PEAP, LDAP and Dynamic VLAN Assignment HOW-TO

2007-07-17 Thread Thibault Le Meur
Hi, Hi, i would make this architecture: - authentication EAP/PEAP with MS-CHAPv2 with users in LDAP database. Better with encrypted password, but not necessary. Either: * use Clear-text passwords in the userpassword attribute * OR add an Ldap attribute that will hold the NTLM hash

RE: Dynamic VLAN assignment

2004-05-25 Thread Willey Kurt D
I was under the impression that 1 AP = 1 VLAN. Has trunking been added? -Original Message- From: Artur Hecker [mailto:[EMAIL PROTECTED] Sent: Monday, May 24, 2004 5:40 PM To: [EMAIL PROTECTED] Subject: Re: Dynamic VLAN assignment i don't know, but i would say execute an external program which reads a VLAN list file and attributes and marks as used

Re: Dynamic VLAN assignment

2004-05-25 Thread Dan Armstrong
added? -Original Message- From: Artur Hecker [mailto:[EMAIL PROTECTED]] Sent: Monday, May 24, 2004 5:40 PM To: [EMAIL PROTECTED] Subject: Re: Dynamic VLAN assignment i don't know, but i would say execute an external program which reads a VLAN list file and attributes and marks as used

Re: Dynamic VLAN assignment

2004-05-25 Thread Dan Armstrong
(this is now kind of off the topic of radius but... ) Yes, it is a bit heavy What this is really doing is kind of sort of mimicking private VLANs in the Catalyst sense. Where each user in a VLAN cannot see each other, but they can all send traffic towards one assigned port... I am

Re: Dynamic VLAN assignment

2004-05-25 Thread Josh Howlett
IIRC, the Aironets can only take either 8 or 16 VLANs. You may be better off using the filtering functions in the Aironet to restrict the forwarding of frames between wireless stations, instead of using VLANs like this. josh. On Tue, 2004-05-25 at 15:27, Dan Armstrong wrote: (this is now kind

Re: Dynamic VLAN assignment

2004-05-25 Thread Artur Hecker
: Artur Hecker [mailto:[EMAIL PROTECTED] Sent: Monday, May 24, 2004 5:40 PM To: [EMAIL PROTECTED] Subject: Re: Dynamic VLAN assignment i don't know, but i would say execute an external program which reads a VLAN list file and attributes and marks as used the next unused VLAN. but you will end up

RE: Dynamic VLAN assignment

2004-05-25 Thread Hayes, Scott
:[EMAIL PROTECTED] Sent: Tuesday, May 25, 2004 10:42 AM To: [EMAIL PROTECTED] Subject: Re: Dynamic VLAN assignment well, i thought Dan was speaking about a new VLAN per user not per AP. this is possible with Cisco APs. as far as i know, 1200 and 1100 can do trunking. ciao artur Willey Kurt D

Re: Dynamic VLAN assignment

2004-05-25 Thread Bob McCormick
Why not use public secure password forwarding? Public Secure Packet Forwarding (PSPF) prevents client devices associated to an access point from inadvertently sharing files or communicating with other client devices associated to the access point. It provides Internet access to client

Dynamic VLAN assignment

2004-05-24 Thread Dan Armstrong
I know this idea is a bit whacked, but if anybody can think of a creative way I might be able to achieve it - I would be eternally grateful... We are authenticating wireless users from a Cisco Aironet (1100/1200). I know that I can pass back a VLAN to plop the user into, once authenticated.

Re: Dynamic VLAN assignment

2004-05-24 Thread Artur Hecker
i don't know, but i would say execute an external program which reads a VLAN list file and attributes and marks as used the next unused VLAN. but you will end up with #VLANs = #users... it's pretty heavy (pull all the VLANs from all APs to the switches) and quite limited, isn't it? ciao artur