This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Dynamic VLAN Assignment with NPS and EXOS Not Working

Dynamic VLAN Assignment with NPS and EXOS Not Working

Go to solution
Ahmed_101
New Contributor II

Monday

Hello everyone,

I'm setting up a lab where a Windows Server (running NPS) is connected to an EXOS switch. My goal is to configure dynamic VLAN assignment via 802.1X.

I have successfully implemented 802.1X authentication using a username and password, and it works as expected. However, dynamic VLAN assignment is not working.

I've configured the following RADIUS attributes in the NPS network policy:

Tunnel-Medium-Type = 802 (Ethernet

Tunnel-Pvt-Group-ID = 10 (VLAN ID)

Tunnel-Type = VLAN

Additionally, I followed the vendor-specific attribute configuration outlined in https://extreme-networks.my.site.com/ExtrArticleDetail?an=000081809 , but it didn't work.

Any guidance or troubleshooting tips would be greatly appreciated!

Thanks in advance!

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Gabriel_G
Extreme Employee

5 hours ago - last edited 5 hours ago

Hi Ahmed,

Check out this article:
https://extreme-networks.my.site.com/ExtrArticleDetail?an=000079334

The key points being:
A) You need to enable 'vlanauthorization' which will allow the Tunnel Attribute VLAN to be dynamically created as well as dynamically assigned.

B) You must also change the maptable response to 'tunnel' or 'both'. By default, the switch will try to follow the RADIUS attribute "filter-id" for use with policy profiles. Changing the maptable to 'tunnel' or 'both' will allow the switch to accept the Tunnel attributes as well.

Hope that helps!

View solution in original post

0 Kudos
2 REPLIES 2

Go to solution
Ahmed_101
New Contributor II

5 hours ago

Thank you

Go to solution
Gabriel_G
Extreme Employee

5 hours ago - last edited 5 hours ago

Hi Ahmed,

Check out this article:
https://extreme-networks.my.site.com/ExtrArticleDetail?an=000079334

The key points being:
A) You need to enable 'vlanauthorization' which will allow the Tunnel Attribute VLAN to be dynamically created as well as dynamically assigned.

B) You must also change the maptable response to 'tunnel' or 'both'. By default, the switch will try to follow the RADIUS attribute "filter-id" for use with policy profiles. Changing the maptable to 'tunnel' or 'both' will allow the switch to accept the Tunnel attributes as well.

Hope that helps!

0 Kudos
GTM-P2G8KFN