I've done this with cisco wireless and radius. I believe the radius attruibute
passed fron the radius server to the the wirelees session is the
'tunnel-private-id'. In the cisco wireless case I had to explicity allow this
attribute to change the networking tagging in order for it to effect the
traffic. sorry no proxim experience.
|Bruce Boardman, Network Engineer, Syracuse University - 315 889-1667
________________________________________
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jethro R Binks
[jethro.bi...@strath.ac.uk]
Sent: Thursday, July 07, 2011 11:47 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Proxim APs and 802.1X RADIUS VLAN assignment
Hello all,
I've been having problems using 802.1X authentication, or more
specifically, assignment of VLANs based on the RADIUS attributes.
Goal is to have one SSID, "eduroam", to which both visitors and local
users authenticate when using the wireless service. Visitors remain in
the VLAN to which the SSID is associated, and local users onsite are
switched into a different VLAN based on attributes from the Radius server
backend.
In brief:
I am running the latest v4.0.12 code (but had problems with previous
versions too).
I believe I have followed to the letter the Proxim knowledgebase article
(which was updated a while ago ("VLAN Assignment by RADIUS").
I have tested with a variety of clients (Windows laptop, Windows mobile,
Apple i-things).
With no VLAN assignment (i.e., none of the Tunnel- attributes being sent
by RADIUS), it usually works OK (sometimes with a couple of retries); but
the local user remains in the "visitor" VLAN as expected.
With the VLAN assignment enabled, it will usually NOT work. Once in a
while you might get lucky and get connected to the right VLAN and get an
address from DHCP, but it is very inconsistent and unreliable. As far as
I can surmise, the problem is likeliest to lie with the AP.
Since it does occasionally work, the basic infrastructure appears to be
sound.
So, I'm reaching out there to find if there are any other people doing
something this with Proxim APs (AP4000 in particular), to see if you have
seen these problems with other vendor or found a fix. Or, alternatively,
maybe it isn't the AP, but something else you can suggest that might cause
this inconsistent behaviour.
Thanks for any thoughts,
Jethro.
. . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks, Network Manager,
Information Services Directorate, University Of Strathclyde, Glasgow, UK
The University of Strathclyde is a charitable body, registered in
Scotland, number SC015263.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
