Edited by Alexey Savkin at 2024-5-16 21:40 Dear experts! Does any body know is there a possibility to apply ACL (locally configured on AC or downloadable ACL, doesn't matter) by RADIUS Authorization results, i.e. apply ACL that is pointed in Radius ACCESS-ACCEPT packet? I have tried both variants:
So, the QUESTION: how I can apply per-user ACL by the radius authentication result in 802.1x wireless network? |
GTAC-Ross replied at 2024-5-20 15:09 Dear Ross!! OK, #1 is working perfectly!! Thank you very much, it is enough for me! We can mark this topic as "solved'! Best regards, Alexey |
Alexey Savkin replied at 2024-5-17 22:10 Dear sir 1.For the first method, the AC locally configures the extended ACL and specifies the ACL name to be changed in the Filter-ID attribute. After packet capture, it is found that the AC does not apply this attribute A policy needs to configur on the device. The server delivers the policy name through attribute 11 you may refer to this configuration 2.For the second method, our device is not suitable for Cisco dacl, so it cannot be implemented at present Best regards, Ross |
Dear sir May I confirm the current issue is 802.1x authenticaiton on the device was rejected? if so, you can check this configuration refer to this link https://community.ruijienetworks.com/forum.php?mod=viewthread&tid=5071&extra=page%3D1 May I know mode details about this alarm? coz we didn't find the similar alarm on WS6816 Best regards, |
Edited by Alexey Savkin at 2024-5-17 22:19 GTAC-Ross replied at 2024-5-17 13:47First of all, my device is Access Controller RG-WS6512 Second, the problem is not with 802.1x authentication, it works just fine. The problem with getting/downloading ACL from RADIUS server after successful 802.1x auth (again, look at the topic and initial question more carefully, all described above). Let me try to explain one more time:
This algorithm describes Cisco-style procedure of getting dACL from RADIUS. As Ruijie controller tries to request dACL, I assume that is must support this procedure, but now it works a little bit incorrectly. We wants to fix it in our deployment. Please, let me know if you have any additional questions or misunderstood something from above. |
This site contains user submitted content, comments and opinions and is for informational purposes only. Ruijie may provide or recommend responses as a possible solution based on the information provided; every potential issue may involve several factors not detailed in the conversations captured in an electronic forum and Ruijie can therefore provide no guarantee as to the efficacy of any proposed solutions on the community forums. Ruijie disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Ruijie Community Terms of Use.
More ways to get help: Visit Support Videos, call us via Service Hotline, Facebook or Live Chat.
©2000-2023 Ruijie Networks Co,Ltd