Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
10145
Views
0
Helpful
23
Replies

SG200-26: dynamic VLAN - 802.1X

Nachtfalkeaw
Level 1
Level 1

‎03-14-2011 04:47 AM

Last week I got my SG200-26 (SLM2024T-EU). The Data Sheet says, that the switch works with dynamic VLAN assignment over 802.1X.

IEEE 802.1X
(Authenticator role)
802.1X: RADIUS authentication and accounting, MD5 hash
Supports time-based 802.1X
Dynamic VLAN assignment

The authentication on freeRADIUS works. I client could get access to the network after entering username and password but the client is not assigned to a VLAN. I used wireshark to sniff the authorisation process between the switch and the freeRADIUS server and the VLAN information were transmitted to the switch.

I would appreciate if some could give me some help how to configure the switch to work with dynamic VLAN assignment and freeRADIUS. If you need some more information, please let me know. I will add them here as far as possible.

Thank you very much!

Alexander

Edit

1 person had this problem
Labels:
0 Helpful
23 Replies 23

gustavo
Level 1
Level 1
In response to phil_m_casey

‎04-13-2011 11:13 AM

Alexander,

The Dynamic Vlan worked with the SG200-26?

I will buy this switch and I need this feature. At documentation I was with doubt too.

Thanks.

Gustavo

0 Helpful

Nachtfalkeaw
Level 1
Level 1
In response to gustavo

‎04-13-2011 12:32 PM

@Gustavo

The Data Sheet says, that the switch will work with dynamic VLAN assignment. This was the reason, why I bought 20 of these switches.

But nobody in this forum could tell me how to configure this. I suppose, that there is a firmware bug, becaus the freeRADIUS .pcap files are correct. I told somebody in another forum to check my freeRADIUS configuration and verified, that it is correct.

In the next days oder next week I will try the hotline but it stresses me, that I will have to explain everything again and then probably send al .pcap files again.

IF I get theses switches working with dynamic VLANs, I will post my configuration here in this thread. IF NOT, I will sent all switches back and use another supplier like HP.

I hope this will help ypu, Gustavo.

Regards

Alexander

0 Helpful

nimusell
Level 1
Level 1
In response to Nachtfalkeaw

‎04-14-2011 01:53 AM

Hi Alexander,

In the next days oder next week I will try the hotline but it stresses  me, that I will have to explain everything again and then probably send  al .pcap files again.

I can assure you that when you open a case with the SBSC, you can refer to this thread on the community so you don't have to explain everything again. The SBSC agent handling your case will retrieve all data from this thread and put it in the case notes.

Unfortunately I still did not have the time to replicate your issue and as I am going on PTO tomorrow I will not be able to work on your issue in the coming week, therefor, I strongly suggest you open a case with one of my German speaking colleagues here in the support center.

The help on this community is on a best effort basis, and cases logged within our system get priority above working on the community, so in order to have a faster result, please contact us and have a case logged, this is also necessary if your problem might turn out to be a bug or not working functionality in the switch.

Hope this helps,

Best regards,

Nico Muselle

Sr. Network Engineer - CCNA

0 Helpful

Nachtfalkeaw
Level 1
Level 1
In response to nimusell

‎04-15-2011 03:47 AM

Just for your information:

I called the germany support hotline and they opened case (617466575).

I gave them the link of this thread.

0 Helpful

plicheva
Level 1
Level 1
In response to Nachtfalkeaw

‎04-26-2011 03:18 AM

Hi,

We don't see your running configuration having dynamic VLAN assignment enabled on the interfaces.  You have to enable "RADIUS VLAN Assignment" at the desired interface(s) from 802.1x > Port Authentication GUI page.  Hope this will resolve the problem.

If not we also need to see  the debugs from the FreeRadius.

Plamena Licheva

0 Helpful

Nachtfalkeaw
Level 1
Level 1
In response to plicheva

‎04-26-2011 07:08 AM

No, this di

didn't resolve the problem!

There is no Option "RADIUS VLAN Assignment" or I didn't find it.

I attached you three pictures of the GUI I can see.

Further I attached you the radius log running "radiusd -X"

85448-radiusd -X.log.zip
0 Helpful

plicheva
Level 1
Level 1
In response to Nachtfalkeaw

‎04-27-2011 03:34 AM

Greetings  Mr. Wilke,

You are right sir,

There is no option to enable "Dynamic VLAN assignment " in the web gui of the switch. It's written in the Datasheet, but it's a mistake that has been reported and it will be fixed.

Please contact us for futher information -

Thank you

With best of my regards,

Plami

0 Helpful

Nachtfalkeaw
Level 1
Level 1
In response to plicheva

‎05-03-2011 12:09 AM

Hello Mrs. Licheva,

did you get my E-Mail from 28. April 2011 ?

I didn't get any feedback till now ?

Thank you very much.

0 Helpful

plicheva
Level 1
Level 1
In response to Nachtfalkeaw

‎05-03-2011 01:47 AM

Hello Mr. Wilke,

Yes, I received your email. I have escalated the case, that we have and I am

currently waiting for replay.

Thanks for the understanding.

Greetings,

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Switch products supported in this community
Cisco Business Product Family
  • CBS110
  • CBS220
  • CBS250
  • CBS350
Cisco Switching Product Family
  • 110
  • 200
  • 220
  • 250
  • 300
  • 350
  • 350X
  • 550X
Customers Also Viewed These Support Documents