Hey guys,
is it possible to configure a dynamic vlan allocation via RADIUS for wired clients? If I configure a SSID on my access-points, I have the option "RADIUS override", to get the VLAN-ID from my RADIUS-Server. On my MS120 I can't find such an option. Do you know if the "RADIUS override" option (or something similar) is configurable for wired ports on a MS-Switch?
Thanks,
Mark
Solved! Go to solution.
for the switch this is always on.
for the switch this is always on.
Reference URL topic removed
Hi,
looks like the posted link is`nt available anymore?! 😐
Maybe somebody can help and share one that works?
thanks in advance and kind regards
Hi all,
You can find information on this link:
https://documentation.meraki.com/MS/Access_Control/MS_Switch_Access_Policies_(802.1X)
Specifically for this post:
Dynamic VLAN Assignment
In lieu of CoA, MS switches can still dynamically assign a VLAN to a device by assigned the VLAN passed in the Tunnel-Pvt-Group-ID attribute. It may be necessary to perform dynamic VLAN assignment on a per computer or per user basis. This can be done on your wired network via 802.1x authentication (RADIUS). In order to do so, the following RADIUS attributes must be configured and passed in the RADIUS Access-Accept message from the RADIUS server.
Once these attributes are configured on the RADIUS server, client devices can receive their VLAN assignment dynamically.
For more information on how to configure with NPS, visit Microsoft's article on Configuring a Network Policy for VLANs.
so it isn‘t necessary to enable CoA for the dynamic vlan assignment to work, correct? if so, why does this option than exist and where/when should or could it be used?