Hi

I have 802.1x enabled in switch, so the users got authenticated through a radius server, and based on the authentication a URL-REDIRECT radius attribute sent from Radius server to switch, so the users web traffic redirected to the specified web link.

I have the users authenticated, but the redirection is not working.

- The used switch is 2960

- The used switch version is (C2960-LANBASEK9-M), Version 12.2(55)SE7

- The switch is L2 switch.

- The users VLAN GW is in another L3 switch

SO::

- Is the switch must be L3 switch?

- Is the users VLAN GW must be on the target switch (for the URL-Redirect to be accepted)

- Is there a special configuration required on the switch rather than the below?;

aaa new-model

aaa authentication dot1x default group radius
aaa authorization network default group radius
aaa accounting dot1x default start-stop group radius

aaa server radius dynamic-author
client 10.0.0.179 server-key aruba123
port 3799
auth-type all

dot1x system-auth-control

interface FastEthernet0/2
switchport access vlan 10
switchport mode access
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
mab
dot1x pae authenticator
dot1x timeout server-timeout 30
dot1x timeout tx-period 10
dot1x max-req 3
dot1x max-reauth-req 3
spanning-tree portfast

ip http server
ip http secure-server

radius-server host 10.0.0.179 auth-port 1645 acct-port 1646 key aruba123
radius-server vsa send authentication

Thanks

Mahmoud