I'm trying to setup wired RADIUS Auth to dynamically assign a VLAN based off of the user (for content filtering).
There may be a better way to do this...
I've managed to get the machine to authenticate but it won't let the machine access the server from the new VLAN... whenever the user logs in it cannot access the file server on the default infrastructure VLAN (1).
I've attached an access port policy from the switch.
You'll probably need more info, but I don't know what you need to know... ask away!
Sorry Dan I thought you were asking for wireless before lol
Here are some links that should help you out. Never done it myself though, I think some on here have.
https://documentation.meraki.com/MS/Port_and_VLAN_Configuration/Dynamic_VLAN_assignment_via_802.1X_(...
https://documentation.meraki.com/MS/Access_Control/MS_Switch_Access_Policies_(802.1X)
https://community.meraki.com/t5/Switching/Dynamic-Vlan-Similar-option-is-not-working-for-Wired-Clien...
Does the switch report the user is being placed in the correct VLAN? If so - that is the end of that part of the puzzle.
The next question is what is doing the inter-vlan routing for the two VLANs? Do they they have any access rules limiting the traffic?
it doesn't report there user... it reports the machine name but it is in the correct VLAN...
I haven't set any explicit rules to block anything, I wasn't;t sure if something was blocked automatically or how to stop it from being blocked...
You need to enable Change of authorization (CoA) in order to be placed in the right VLAN.
the new vlan has a Layer3 interface?