802.1x Vlan assignment

angel.batista · ‎08-31-2006

Hi guys,

I want to configure 802.1x to assign vlan.

I try to configuren this through Microsoft IAS, but when the user logs on to the pc instead of being assigned to the specified VLAN in the policy rule they are assigned to the fall back or guess VLAN.

Vlan assignment works with IAS or I need to configure with ACS?

Thanks

leonvd79 · ‎08-31-2006

Hello Angel,

I can't comment on Microsoft IAS configuration and restrictions. However, Cisco's 802.1x implementations allows VLAN assignment throug RADIUS. That means that ACS is not a prerequisite.

You need to check if the username-to-VLAN mappings are present in your RADIUS (IAS) server.

Since I don't know what switch platform you are using I supplied the configuration for 802.1x VLAN assignment on a Catalyst 3550.

http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12225se/3550scg/sw8021x.htm#wp1105952

HTH

--Leon

* Please rate posts.

Sureshdank · ‎09-01-2006

Leon,

Have you got any idea on Integration ACS with Trend Micro or any other document which could help in doing so.

I have been trying from last many days.

Rgards,

Suresh

angel.batista · ‎09-01-2006

Hi Leon,

Im using Catalyst 2950 as client, but I think the configuration that you send me is the same.

I will try Again and let you know.

Thanks.

angel.batista · ‎09-01-2006

Hi,

Now the Radius server let me login to Active Directory via EAP, but doesn't assignme any vlan (I want tha assign the pc to vlan 10)instead the radius let the pc in vlan 1.

Before the radius server donn't let me login to active directory and assignme to fallback vlan.

I need to do something else, like change the VTP config (the current vtp state is SERVER)?