Hello,
I set up a radius authentication, my goal is:
When a user plugs his machine on the enterprise network, there is a machine authentication (for AD: domain computer group) on the RADIUS server:
- If the machine is in the AD group, redirects to VLAN3 radius (full network access)
- If the machine is not in the AD group, radius redirects to VLAN2 (restricted access)
Currently, I can do:
When a domain computer connects to the network it gets an IP address though VLAN 3 (no problem)
By cons when it is a machine that is not in the field, I do not have an IP address (it is placed in VLAN2)!
I do not know or I can define these settings, this is not authenticated when placed in a user-defined VLAN.
Ps: I’m working on HP Procurve Switch
I helped a lot of this doc: http://integratingit.wordpress.com/2012/07/05/configuring-dynamic-vlan-assignment-on-procurve-switches/
thank you in advance
#VLAN