«

Hello,

I've a CE500 switch with dot1x authentication on Microsoft IAS server.

I'm trying to use dynamic VLAN assignement based on user
authentication.

I setup a policy on IAS to assign the following attributes to some
groups:

Service-Type: Framed
Tunnel-Medium-Type: 802
Tunnel-Pvt-Group-ID: MY-TEST-VLAN
Tunnel-Type: Virtual LANs

I can see on the IAS logs that the policy is applied, the switch brings
up the connection but the port is on native VLAN (that is it is not
assigned to MY-TEST-VLAN).

I've created manually the VLAN on the CE500 usign CNA and the security
level is HIGH for all the FEs.
The FEs are assigned with the role DESKTOP on native VLAN 1.

Could someone tell me what I'm wrong and is this could be done on a
CE500?

Regards
ermmau