Security

Hello all,

I'm currently trying to configure a HP 1920s to provide RADIUS-dependent VLAN allocation. The dynamically configured ports will be used to connect docking stations and switch VLANs dependend on the connected notebook. Since the notebooks themselves are used in serveral locations using tagged VLAN configs is not possible, i.e. the switch has to map the VLAN as untagged.

The RADIUS authentication itself is working, both according to the RADIUS-log and the switch' UI:

However the notebooks are unable to send and/or receive packages. DHCP fails with a timeout and after assigning a static IP all connection attempts time out.

The switch port (3) is configured as follows regarding VLAN:

Any help is appreciated. If you need further information regarding the configuration I will provide them asap.

Thanks,

Alex

Hi AlexanderK, could you solve it? Because i have the same problem.

What attribut do you are using ?

Hi alagoutte, i am using egress-VLANID(56) attribute but the switch dont tagged the vlan.

Hi Aguirao,

yes, I got it to work in the end. The RADIUS-Ports (2+3) have the following VLAN config:

The difference to the old config is that the VLANs which should be assigned by RADIUS are configured as Tagged VLANs on that port. Upon successful authentication they are mapped as untagged VLAN.

In my case VLANs 10 and 30 are assigned by RADIUS while 50 is a guest network for unauthenticated devices.

On the radius server I use the following attributes:

Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-ID = "10"

Hope this helps,

Alexander