Comware

i am testing mac-based authentication but encountered a problem with auth-vid and unauth-vid.

My mac address get authenticated correctly by the radius server.
The "show port-access mac-based" clearly says that the switch also sees this as an authorized client.
The switch however doesn't change the vlan to the one defined by auth-vid.

it's a 2848 with firmware version I8.98 .

Hi

In Auth-VID scenario, the user will be assigned a VLAN in following order of priority:

- VLAN in RADIUS profile.
- auth-vid parameter for the ports.
- Underlying port VLAN assignment.

So if you have a RADIUS vlan attribute, that will take priority, otherwise, you have to check the commands, and few more things, all the Vlans should be tagged on all uplinks, and it should exist (created) on the relevant switches.

Good Luck !!!

thanks for your answer, i forgot to answer that i got it working with 802.1x and my windows account(as i already setup for our wireless stuff).
no vlan is given from radius, i changed the default vlan to make sure i could see something chaning, but the only change that i see is from the default vlan to the unauth-vid(even when authentication is ok).

i'm now preparing to do a firmware upgrade.
i absolutely want this working, as this can be implemented invisible for the users.

some additional info, when i force the vlanid from radius it works fine.
upgrading the firmware didn't help.