[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: Using "Tunnel-Private-Group-Id" in linelog
From:       Alan DeKok <aland () deployingradius ! com>
Date:       2019-10-23 22:05:15
Message-ID: 917D19E5-1C77-4C73-B111-A459681937EF () deployingradius ! com
[Download RAW message or body]

On Oct 23, 2019, at 11:02 AM, Burger, Wolfgang <wburger@gwdg.de> wrote:
> It comes from the users file. I have a list of all the devices and their vlan-id in \
> there in the format: 
> 0cc47a96a6af Cleartext-Password := "0cc47a96a6af"
> Tunnel-Type = VLAN,
> Tunnel-Medium-Type = IEEE-802,
> Tunnel-Private-Group-Id = "\\0001"

  Yeah, you don't need the "\000"

> > Why not just set Tunnel-Private-Group-Id = "1"
> 
> Honestly, I don īt remember. Been using the format of \\000X since forever and I \
> was under the impression the switches need it to be that way. But I just tested it \
> without the leading binary and it still works for the switch. And your nose works \
> too, because without the zeros, the linelog config is working fine:

  Exactly. :)

> vlanlog] expand: %S: %{reply:Packet-Type} AAA-VLAN-Request for %{User-Name} on \
> %{NAS-Identifier} (%{NAS-IP-Address}) at Port %{NAS-Port-Id}. Put to VLAN \
> %{reply:Tunnel-Private-Group-Id} -> 2019-10-23 16:58:25: Access-Accept \
> AAA-VLAN-Request for 0023dfa2cb9e on switch54 (192.168.2.79) at Port 39. Put to \
> VLAN 1 
> So thank you very much.

  You're welcome.

> My next steps:
> - Upgrade to 2.2.10
> - Test wether all used switches are happy with the easier format of \
> Tunnel-Private-Group-Id

  They will be.  If they don't like it, complain to the vendor that they're not \
following RFC 2868

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


[prev in list] [next in list] [prev in thread] [next in thread]