802.1X VLAN assignment - Radius (487 Views)
Occasional Visitor
Posts: 1
Registered: ‎01-29-2013
Message 1 of 2 (487 Views)

802.1X VLAN assignment - Radius



I set up a radius authentication, my goal is:


When a user plugs his machine on the enterprise network, there is a machine authentication (for AD: domain computer group) on the RADIUS server:


- If the machine is in the AD group, redirects to VLAN3 radius (full network access)
- If the machine is not in the AD group, radius redirects to VLAN2 (restricted access)


Currently, I can do:


When a domain computer connects to the network it gets an IP address though VLAN 3 (no problem)

By cons when it is a machine that is not in the field, I do not have an IP address (it is placed in VLAN2)!

I do not know or I can define these settings, this is not authenticated when placed in a user-defined VLAN.


Ps: I’m working on HP Procurve Switch

I helped a lot of this doc: http://integratingit.wordpress.com/2012/07/05/configuring-dynamic-vlan-assignment-on-procurve-switch...


thank you in advance

Frequent Advisor
Posts: 57
Registered: ‎03-04-2013
Message 2 of 2 (414 Views)

Re: 802.1X VLAN assignment - Radius

Do you have a DHCP scope assigned to VLAN 2?

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.