No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade
MENU
Knowledge Base

FAQ How to configure dynamic vlan assignment via radius

Publication Date:  2014-12-30  |   Views:  2458  |   Downloads:  0  |   Author:  b00745015  |   Document ID:  EKB1000064168

Contents
Issue Description Solution

Issue Description

To be able to assign VLANs dynamically from the RADIUS server you can use one of the following  standard attributes to deliver the VLAN attribute(RFC2865, RFC2866, and RFC3576 define standard RADIUS attributes, which are supported by all mainstream vendors):
  

Attribute No.        Attribute Name                              Description

64                 Tunnel-Type                              Protocol type of the tunnel. The value is fixed as 13, indicating VLAN.

65                Tunnel-Medium-Type                        Medium type used on the tunnel. The value is fixed as 6, indicating Ethernet.

81                Tunnel-Private-Group-ID              Tunnel private group ID, which is used to deliver user VLAN IDs.

Solution

How to configure the switch:

 
#

vlan batch 10 301 501 710

#

dot1x enable

dot1x dhcp-trigger

mac-authen

#

interface GigabitEthernet0/0/3

description Test-port

port hybrid pvid vlan 710

undo port hybrid vlan 1

port hybrid untagged vlan 301 501 710

dot1x enable

dot1x max-user 10

authentication guest-vlan 710

authentication restrict-vlan 710

authentication critical-vlan 710

dot1x authentication-method eap


#

Device: S5700S-52P-LI-AC
Version: V200R003C00SPC300

 

Result:
Feedback
Related resources
Documentation Software Download Bulletins Tools
Related searches
By Author
Help us to improve
Write an article
Enterprise APP

Copyright © 2020 Huawei Technologies Co., Ltd. All rights reserved.