Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
476
Views
0
Helpful
2
Replies

802.1x with /21 subnet

vidals
Level 1
Level 1

‎07-10-2006 03:36 AM - edited ‎03-10-2019 02:39 PM

Hello,

I am currently deploying 802.1x using following devices:

XP - HP Procurve - Cisco ACS - Active Directory

I am able to forward dynamic vlan id to employe and consultant after authentication.

Bit how to deal with big site having a large number of people?

Without 802.1x, they are splitted in class C subnet to restrict obvious big subnet limitation like broadcast domain.

How to assign a pool of vlans to one group of users instead of 1 vlan?

Thanks for your help.Stephane

Labels:
0 Helpful
2 Replies 2

wong34539
Level 6
Level 6

‎07-14-2006 06:34 AM

802.1X authenticated ports are assigned to a VLAN that is based on the username of the host that is connected to the port. VLAN assignments work with the RADIUS server, which has a database of username-to-VLAN mappings. After a successful 802.1X authentication of the port, the RADIUS server sends the VLAN in which the user needs to be given access.

Refer to http://www.cisco.com/en/US/products/hw/switches/ps4324/products_configuration_guide_chapter09186a00801eca01.html#wp998917

0 Helpful

jafrazie
Cisco Employee
Cisco Employee
In response to wong34539

‎07-14-2006 11:37 AM

Architecturally, performing the VLAN Assignment by name mitigates this concern and allows for flexibility in this regard. 802.1X should not require you to build a specific VLAN/VTP architecture for subnetting. Ideally, it should work with what you already have. This is supported on all Cisco Catalyst switches.

0 Helpful
Customers Also Viewed These Support Documents