Velocity Reviews - Computer Hardware Reviews
Home Forums Reviews Guides Newsgroups Register Search
Member Login:

Velocity Reviews > Newsgroups > Computing > Cisco > Vlan assignation by Radius

Reply
Thread Tools

Vlan assignation by Radius

 
 
Jean
Guest
Posts: n/a
 
      06-11-2004
Hi all,

I'm using
- Cisco ACS 3.0 Radius
aaa server type is CiscoSecure ACS for Windows 2000/NT
authenticating using RADIUS (IETF)

- Cisco Switch 3550 Version 12.1(12c)EA1
aaa new-model
aaa authentication dot1x default group radius
aaa authorization network defauft group radius
radius-server host x.x.x.x auth-port 1812 acct-port 1813
radius-server retransmit 3
radius-server key xxxxxx
interface FastEthernet0/47
switchport mode access
no ip address
no cdp enable
dot1x port-control auto
spanning-tree portfast

- Win XP client
MD-5

My problem
The client will get authorized and the port will be authorized,
however Radius doesn't pass the vlan, the port ends up on the default
vlan.
How do I make it to pass the vlan, I have all 3 attributes set on
radius
64 Tunnel type = VLAN contains the value vlan (type
13)
65 Tunnel-medium-type=802 contains value 802 (type 6)
81 Tunnel-private-group-ID=VLAN name contains the vlan name assigned
to the 802.1x

But I still have no vlan assigned for the authorized port.
Any suggestions ?

Also, does anyone know what is the best IOS ver to run on a 3550 to do
802.1x
Thanks
Jean
 
Reply With Quote
 
 
 
 
gaetano
Guest
Posts: n/a
 
      06-12-2004
Jean wrote:
> interface FastEthernet0/47
> switchport mode access
> no ip address
> no cdp enable
> dot1x port-control auto
> spanning-tree portfast
>
customize the timeout:

dot1x timeout quiet-period 5
dot1x timeout tx-period 4
dot1x timeout reauth-period 15
dot1x timeout supp-timeout 5
dot1x timeout server-timeout 5
dot1x max-req 5
dot1x guest-vlan 5

> - Win XP client
> MD-5
>
> My problem
> The client will get authorized and the port will be authorized,
> however Radius doesn't pass the vlan, the port ends up on the default
> vlan.
> How do I make it to pass the vlan, I have all 3 attributes set on
> radius
> 64 Tunnel type = VLAN contains the value vlan (type
> 13)
> 65 Tunnel-medium-type=802 contains value 802 (type 6)
> 81 Tunnel-private-group-ID=VLAN name contains the vlan name assigned
> to the 802.1x

not use VLAN name but VLAN number

>
> But I still have no vlan assigned for the authorized port.

have you create the vlan on 3550?
the commmand "debug dot1x ..."

> Any suggestions ?
>
> Also, does anyone know what is the best IOS ver to run on a 3550 to do
> 802.1x
the latest 121-20.EA2.bin
> Thanks
> Jean
 
Reply With Quote
 
 
 
Reply

« ATM(ws-x3006) Firmware upgrade | cisco 2511 router isdn backup »
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
vhdl hexa assignation Julien Lochen VHDL 0 12-05-2008 04:09 PM
double assignation in a hash nico Itkin Ruby 6 06-09-2008 12:15 PM
Controlling assignation =?ISO-8859-1?Q?Xavier_D=E9coret?= Python 14 06-26-2005 08:57 PM
Logic Units Assignation Mark Renton Computer Information 4 07-04-2004 01:33 PM
Union type variable assignation --- in expression, in function argues Denis Pithon C Programming 10 02-08-2004 03:26 AM



Advertisments
 


Powered by vBulletin®. Copyright ©2000 - 2013, vBulletin Solutions, Inc..
SEO by vBSEO ©2010, Crawlability, Inc.
Contact Us - Archive - Privacy Statement - Top

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57