- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- Re: 2910AL - Radius VLAN(s) w/ DHCP question
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-08-2009 10:16 AM
тАО05-08-2009 10:16 AM
I managed to setup Radius assigned VLAN(s) on my ProCurve 2910 using Windows authentication.
These are the scopes I created the DHCP server is on VLAN 50 with an IP of 172.16.50.1.
VLAN 10 - E -> Network 172.16.10.0 /24
VLAN 20 - J -> Network 172.16.20.0 /24
VLAN 30 - S -> Network 172.16.30.0 /24
VLAN 40 - P -> Network 172.16.40.0 /24
Note: I only have 1 server that 50.1 server does everything Radius, AD, DHCP etc. This is just a test lab.
My main concern is when I plug in my laptop to port 1 (which is set as a authenticator) and I log in as a user assigned to VLAN 10, everything works fine!. The laptop, switch and IAS server says that I am connected and when I check the port status I can see that it am on VLAN 1
Auth Unauth Untagged Tagged Kbps In RADIUS Cntrl
Port Clients Clients VLAN VLANs Port COS Limit ACL Dir
---- -------- -------- -------- ------ --------- ----------- ------ -----
1 1 0 1 No 00000000 No No both
The problem is after the user authenticates it doesn't grab an IP from the DHCP server right away. It stays with the APIPA address so what I have to do is manually release and renew the IP address in order to grab one.
Is this a firmware issue or is there a command I am missing?
This is the current firmware I am running Boot Rom Version: W.14.04.
Thanks guys
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-08-2009 10:39 AM
тАО05-08-2009 10:39 AM
Re: 2910AL - Radius VLAN(s) w/ DHCP question
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-08-2009 10:44 AM
тАО05-08-2009 10:44 AM
Re: 2910AL - Radius VLAN(s) w/ DHCP question
I did the sh tech but my console session can't record all the data being displayed is there something in particular you would like to see I can send that over
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-08-2009 10:56 AM
тАО05-08-2009 10:56 AM
Re: 2910AL - Radius VLAN(s) w/ DHCP question
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-08-2009 11:05 AM
тАО05-08-2009 11:05 AM
Re: 2910AL - Radius VLAN(s) w/ DHCP question
Cheers
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-08-2009 11:19 AM
тАО05-08-2009 11:19 AM
Re: 2910AL - Radius VLAN(s) w/ DHCP question
ip helper address must be dhcp server address foreach vlan
and dhcp server default gateway address must be vlan 50 ip address
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-08-2009 11:42 AM
тАО05-08-2009 11:42 AM
Re: 2910AL - Radius VLAN(s) w/ DHCP question
What do you mean I have to have a DHCP server for my VLAN do I need to have a separate DHCP box for all for VLAN(s)? I don't quite understand that concept.
The thing is this config worked perfectly fine when I had static VLAN(s) assigned to each port. For example port 1-4 is assigned to VLAN 10, port 5-8 was assigned to VLAN 20.
When I plugged in a laptop into port 1 it gave me an address of 172.16.10.1 and when I plugged it into port 2 it gave me an address of 172.16.20.1.
With the dynamic VLAN when I log in with a user that belongs to VLAN 10 it doesn't assign me the IP address right away. I have to release and renew my IP address after that it assigns me an IP from the 172.16.10.0 network and vice versa with other VLAN(s).
I hope this all makes sense if you have any questions or suggestions please let me know.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-08-2009 12:14 PM
тАО05-08-2009 12:14 PM
Re: 2910AL - Radius VLAN(s) w/ DHCP question
you might try this, create a VLAN99 (i call this the "dead" or "notused" vlan)...do not give it an ip addr or ip helper-address, put port 1 in as untagged...disconnect the laptop from port 1, reconnect to port 1 and see if it works any better...
i can't guarantee it will be better, but that is how i have my 802.1X switches configured...
hth...jeff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-08-2009 12:57 PM
тАО05-08-2009 12:57 PM
Re: 2910AL - Radius VLAN(s) w/ DHCP question
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-08-2009 01:54 PM
тАО05-08-2009 01:54 PM
Re: 2910AL - Radius VLAN(s) w/ DHCP question
I think this might be a bug with User based 802.1x dynamic VLAN(s). I just finished configuring MAC based VLAN(s) and it works great.
When I change the VLAN ID on my IAS server and replug in the wire the IP address picks up right away! but when I try it with user based VLAN(s) I still need to release and renew my IP addresses
If anybody has any more suggestions in regards to the user based VLANing please let me know.
Cheers