Re: Dynamically assign a computer in a VLAN

[Oleksandr Darchuk <o.darchuk () wucb lviv net>]

Mathieu RINCK wrote:

> I know we can assign a computer to a VLAN with its mac address with 
> VMPS. Can RADIUS or TACACS do the same, added with username/password 
> authentication ?
Some time ago I've played with EAPoL on Nortel switches with RADIUS 
(FreeRADIUS). I don't use it now because of my own reasons, but it works 
like you ask: authorize user via RADIUS,  then RADIUS return attribute 
Tunnel-Pvt-Group-ID  -- it's number of VLAN. According to that attribute 
switch places port in VLAN. You don't need MAC address -- just username 
and password.
Hope it helps you.
Regards