- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- dynamic vlan assignment via 802.1x
Switches, Hubs, and Modems
1747970
Members
3519
Online
108756
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-03-2008 08:08 AM
тАО03-03-2008 08:08 AM
i'm trying to setup port based authentication in a lab environment. I seem to have everything working (PKI, IAS 2003, provurve 2524, AD). I have one lingering question. Everything I've been looking at so far seems to indicate that the extent of the vlan assignment abilities are either authenticated or unauthenticated. In other words, it seems that there are only one or two vlans that can be used with port based authentication.
I would like to setup a guest vlan for un-authenticated user, and I would like the authenticated users to be assigned to a vlan based on securtiy group. For example, admissions should go to vlan 4, factulty should go to vlan 3, IT should go to vlan 7. Is this sort of thing possible, or do can I only use two vlans when it comes to 802.1x.
Thanks in advance.
I would like to setup a guest vlan for un-authenticated user, and I would like the authenticated users to be assigned to a vlan based on securtiy group. For example, admissions should go to vlan 4, factulty should go to vlan 3, IT should go to vlan 7. Is this sort of thing possible, or do can I only use two vlans when it comes to 802.1x.
Thanks in advance.
Solved! Go to Solution.
2 REPLIES 2
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-03-2008 11:04 AM
тАО03-03-2008 11:04 AM
Solution
you can certainly have auto-vlan assignment via radius config parms and the switch upon a successful auth...
however, it requires 3 radius attributes to be configured for each radius profile you config (admin, faculty, etc)...
see this section for some of the info:
ftp://ftp.hp.com/pub/networking/software/2300-2500-RelNotes-f0560-59903102.pdf
the 3 radius attributes to set in each radius profile are:
Tunnel-Type
Tunnel-Medium-Type
Tunnel-Pvt-Group-ID - you config a dec value for the vlan number
these are set under the advanced tab of the radius profile you are editing...
here is another good ref for the microsoft side of the config:
http://www.microsoft.com/downloads/details.aspx?FamilyID=05951071-6b20-4cef-9939-47c397ffd3dd&displaylang=en
hth...jeff
however, it requires 3 radius attributes to be configured for each radius profile you config (admin, faculty, etc)...
see this section for some of the info:
ftp://ftp.hp.com/pub/networking/software/2300-2500-RelNotes-f0560-59903102.pdf
the 3 radius attributes to set in each radius profile are:
Tunnel-Type
Tunnel-Medium-Type
Tunnel-Pvt-Group-ID - you config a dec value for the vlan number
these are set under the advanced tab of the radius profile you are editing...
here is another good ref for the microsoft side of the config:
http://www.microsoft.com/downloads/details.aspx?FamilyID=05951071-6b20-4cef-9939-47c397ffd3dd&displaylang=en
hth...jeff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-03-2008 01:20 PM
тАО03-03-2008 01:20 PM
Re: dynamic vlan assignment via 802.1x
That worked great! Thanks.
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP