- Community Home
- >
- Networking
- >
- Security e-Series
- >
- 802.1X Dynamic VLAN Compatibility
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-12-2017 07:51 AM
02-12-2017 07:51 AM
Hi all!
I'd like a simple answer from HP: Which Switch series has the capability to set dynamic vlan assignment in 802.1X?
Procurve series only? ( I'm inclined to believe "any" procurve is able to do this )
I've been trying to get it working with OfficeConnect series ( HP1910/1920 series and 3COM 2829 series ).
I get the authentication to work, the Guest and Auth-Fail VLANs working correctly.
I'm using FreeRADIUS server ( simple setup, testing purpose at the moment ), here's my user for trying to assign VLAN100 once authenticated:
vlan100 Cleartext-Password := "@vlan100"
3Com-VLAN-Name = VLANTEST100,
HP-Egress-VLAN-Name = VLANTEST100,
HP-Egress-VLANID = 100,
Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-Id = 100,
Egress-VLAN-Name = VLANTEST100,
Egress-VLANID = 100,
3Com-User-Access-Level = 3Com-Administrator
I'm looking for second hand, cheap Switches capable of this feature, for my home office lab and I found these modesl ( cheapest first ):
- HP Procurve A3100 - Jd317a
- Hp Procurve Switch 2650 - J4899c
- HP Procurve 1410 - J9561a
- Hp Procurve E2510g - J9279a
I'm inclined to buy J9279a... I thinks it's the best money for the bucket. I just want the one with the most features of all series above, including the VLAN assignment function.
Thanks in advance!
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-13-2017 06:34 PM
02-13-2017 06:34 PM
SolutionWell....
It turns out it was needed to fine tune freeradius....
Example of working user:
vlan15 Cleartext-Password := "@vlan15"
Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-Id = 15
in /etc/raddb/eap.conf:
Into eap/peap, changed use_tunneled_reply = no to use_tunneled_reply = yes
In /etc/raddb/default and /etc/raddb/inner-tunnel ( not sure if this is really required ):
# eap {
# ok = return
# }
eap
And it is working with V1910 both 3com brand SFP Plus and HP brand
I've managed to get Windows to authenticate/work correctly as well as my OpenWRT setup.
My linux box ( Fedora24 ) isn't very happy yet, I still have to debug the issues with TLS.