Catalyst Express 500, dot1x, VLAN membership

Discussion in 'Cisco' started by ermmau, Sep 14, 2006.

  1. ermmau

    ermmau Guest

    Hello,

    I've a CE500 switch with dot1x authentication on Microsoft IAS server.

    I'm trying to use dynamic VLAN assignement based on user
    authentication.

    I setup a policy on IAS to assign the following attributes to some
    groups:

    Service-Type: Framed
    Tunnel-Medium-Type: 802
    Tunnel-Pvt-Group-ID: MY-TEST-VLAN
    Tunnel-Type: Virtual LANs

    I can see on the IAS logs that the policy is applied, the switch brings
    up the connection but the port is on native VLAN (that is it is not
    assigned to MY-TEST-VLAN).

    I've created manually the VLAN on the CE500 usign CNA and the security
    level is HIGH for all the FEs.
    The FEs are assigned with the role DESKTOP on native VLAN 1.

    Could someone tell me what I'm wrong and is this could be done on a
    CE500?

    Regards
    ermmau
     
    ermmau, Sep 14, 2006
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.