Security e-Series
1748054 Members
4362 Online
108758 Solutions
New Discussion

802.1X VLAN assignment - Radius

 
xp3d75
New Member

802.1X VLAN assignment - Radius

Hello,

 

I set up a radius authentication, my goal is:

 

When a user plugs his machine on the enterprise network, there is a machine authentication (for AD: domain computer group) on the RADIUS server:

 

- If the machine is in the AD group, redirects to VLAN3 radius (full network access)
- If the machine is not in the AD group, radius redirects to VLAN2 (restricted access)

 

Currently, I can do:

 

When a domain computer connects to the network it gets an IP address though VLAN 3 (no problem)

By cons when it is a machine that is not in the field, I do not have an IP address (it is placed in VLAN2)!

I do not know or I can define these settings, this is not authenticated when placed in a user-defined VLAN.

 

Ps: I’m working on HP Procurve Switch

I helped a lot of this doc: http://integratingit.wordpress.com/2012/07/05/configuring-dynamic-vlan-assignment-on-procurve-switches/

 

thank you in advance

1 REPLY 1
Matcol
Frequent Advisor

Re: 802.1X VLAN assignment - Radius

Do you have a DHCP scope assigned to VLAN 2?