i'm trying to setup port based authentication in a lab environment. I seem to have everything working (PKI, IAS 2003, provurve 2524, AD). I have one lingering question. Everything I've been looking at so far seems to indicate that the extent of the vlan assignment abilities are either authenticated or unauthenticated. In other words, it seems that there are only one or two vlans that can be used with port based authentication.
I would like to setup a guest vlan for un-authenticated user, and I would like the authenticated users to be assigned to a vlan based on securtiy group. For example, admissions should go to vlan 4, factulty should go to vlan 3, IT should go to vlan 7. Is this sort of thing possible, or do can I only use two vlans when it comes to 802.1x.
Thanks in advance.