No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade
MENU

FAQ How to configure dynamic vlan assignment via radius

Publication Date:  2014-12-30 Views:  1134 Downloads:  0
Issue Description
To be able to assign VLANs dynamically from the RADIUS server you can use one of the following  standard attributes to deliver the VLAN attribute(RFC2865, RFC2866, and RFC3576 define standard RADIUS attributes, which are supported by all mainstream vendors):
  

Attribute No.        Attribute Name                              Description

64                 Tunnel-Type                              Protocol type of the tunnel. The value is fixed as 13, indicating VLAN.

65                Tunnel-Medium-Type                        Medium type used on the tunnel. The value is fixed as 6, indicating Ethernet.

81                Tunnel-Private-Group-ID              Tunnel private group ID, which is used to deliver user VLAN IDs.
Solution
How to configure the switch:

 
#

vlan batch 10 301 501 710

#

dot1x enable

dot1x dhcp-trigger

mac-authen

#

interface GigabitEthernet0/0/3

description Test-port

port hybrid pvid vlan 710

undo port hybrid vlan 1

port hybrid untagged vlan 301 501 710

dot1x enable

dot1x max-user 10

authentication guest-vlan 710

authentication restrict-vlan 710

authentication critical-vlan 710

dot1x authentication-method eap


#

Device: S5700S-52P-LI-AC
Version: V200R003C00SPC300

 

Result:

END

Contribute Articles
Enterprise APP

Copyright © 2019 Huawei Technologies Co., Ltd. All rights reserved.