Re: [PacketFence-users] VLAN ID : (undefined)

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hello Ali,

PacketFence do his job, so it looks that your switch doesn't support 
vlan assignment by radius.

Regards

Fabrice

Le 2018-08-03 à 06:23, Amjad Ali via PacketFence-users a écrit :
> Hi All,
>
> I'm trying to test an unsupported switch with packetfence that has 
> support for 802.1X. The goal is to authenticate a client and assign a 
> vlan to the connected switch port. I suppose that's what we call 
> radius only enforcement?
>
> The authentication goes well and I can see the user registered from 
> the web UI. But when I check the switch port on the switch its not 
> assigned to the proper vlan (VLAN ID 10)
>
> The radius reply message says:
>
> MS-MPPE-Encryption-Policy = Encryption-Required 
> MS-MPPE-Encryption-Types = 4 MS-MPPE-Send-Key = 
> 0x1447f430c4f09d0f42d055e5a6230c77 MS-MPPE-Recv-Key = 
> 0xb144af604dfd40f6a55cf4ac4b0475bb EAP-Message = 0x032e0004 
> Message-Authenticator = 0x00000000000000000000000000000000 
> Stripped-User-Name = "pica8" Tunnel-Medium-Type = IEEE-802 Tunnel-Type 
> = VLAN Tunnel-Private-Group-Id = "10"
>
> I suppose the Tunnel-Private-Group-Id = 10 means the client be put in 
> Vlan 10.
>
> However, I see the below entry in the packetfence.log
>
> Aug  3 16:19:17 packetfence8 packetfence_httpd.aaa: httpd.aaa(8796) 
> INFO: [mac:e0:db:55:cd:84:62] PID: "pica8", Status: reg Returned VLAN: 
> (undefined), Role: gaming (pf::role::fetchRoleForNode)
>
>
> gaming is set to vlan 10 in packetfence-->Configuration-->Switches. 
> (Role mapping by vlan id)
>
> Can someone please help explain whats wrong here.
>
> Thanks in advance.
> Ali
>
> -- 
> Amjad Ali
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>
>
> _______________________________________________
> PacketFence-users mailing list
> Pac...@li...
> https://lists.sourceforge.net/lists/listinfo/packetfence-users