Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
675
Views
0
Helpful
2
Replies

Assign building-specific VLAN via 802.1X vlan assignment

stefansandri
Level 1
Level 1

‎01-06-2006 02:43 AM - edited ‎03-10-2019 02:25 PM

Hi all

We plan to implement 802.1X. We have several departments. Each department is using several VLANs, depending on which building the machine is.

If a machine/user from department A connects in building A, it should receive VLAN 10 via 802.1X vlan assignment. If the same machine/user connects in building B, it should receive VLAN 20.

Is this possible with 802.1X vlan assignment?

Many thanks

regards

Stefan

Labels:
0 Helpful
2 Replies 2

b.hsu
Level 5
Level 5

‎01-11-2006 11:27 AM

I think it is possible.For this, the authentication should be based on the user, not based on the VLAN he connects. For detailed information on configuring IEEE802.1x port based authentication on switches, you can view the following URL

http://www.cisco.com/en/US/products/hw/switches/ps628/products_configuration_guide_chapter09186a0080476298.html

Let me know, if you have any further doubts on this.

0 Helpful

jhathcock
Level 1
Level 1

‎02-08-2006 12:20 PM

Stefan- It is possible if you use the VLAN name instead of the vlan #. That means you will just have to be consistent with your Vlan names for each location. So lets say you set up authenticated users to go to the "AuthUser" vlan. On your switches you would set up:

AuthUser=vlan 10 in Bldg A

AuthUser=vlan 20 in Bldg B

etc...

Just know that if someone unknowingly changes the vlan name on the switch that it will break dot1x, so make sure your fellow engineers know the significance of the name.

Good luck with your implementation!

0 Helpful
Customers Also Viewed These Support Documents