- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: Vlan versus radius
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Vlan versus radius
Hello
I want to configure this switch like this:
-when one worker connect its pc in one port of the switch, the switch validate the mac in a bbdd of autorized macs. If the mac it is okey, the switch put this port (where the worker is connected) in vlan1, if it is not a autorized mac, then the switch must configure/asign to this port the vlan 3.
How can i do it?
Can you send me a guide of how to do it?
Regards
Eduardo
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Vlan versus radius
From the scenario you have described, it seems that you want to configure Port Security.
1. On the web-GUI, go to Security > Traffic Control > Port Security > Static MAC address. Under Port List, select your desired port in the Interface Field. Then, enter the corresponding MAC Address in the Static MAC Address field and select the corresponding VLAN ID. Then, click Add.
As reference, read page 15-5 of the GSM7224v2 Software Administration Manual Release 8.0 here.
2. Configure Port Security. Read pages 15-2 to 15-3 of the GSM7224v2 Software Administration Manual Release 8.0 here
Let me share this old forum thread here. Although a different NETGEAR switch model was used in the old forum thread, it might still help as your guide.
If ever your concern has been addressed or resolved, I encourage you to mark the appropriate reply as the “Accepted Solution” so others can be confident in benefiting from the solution. The NETGEAR Community looks forward to hearing from you and being a helpful resource in the future!
Regards,
DaneA
NETGEAR Community Team
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Vlan versus radius
Sorry for not explaying me better before.
I send you a draw.
The working procces must be:
1. we connect a pc to the network, for example, port 1 in the switch
2.the switch asked the ¿external or internal? macs bbdd if this pc mac is in the bbdd.
3.the switch now know if this pc mac is in the bbdd
4.the switch assign vlan untagged to this port 1. If pc mac is in bbdd, the switch assign a vlan id X to this port 1. If pc mas is not in bbdd, the switch assign another vlan id Y to this port 1.
I am not sure if mac bbdd... may be in the switch... or this is a external equipment. For us, it does not matter. External?
How exactly to do it? How to configure it?
Thank you
Regards
Eduardo
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Vlan versus radius
Is the MAC BBDD in your network diagram the RADIUS server? If yes, kindly read the articles below and this might help you configure the GSM7224v2 switch:
Dynamic VLAN assignment using RADIUS
How do I assign VLANs using RADIUS on my managed switch using the web interface?
How do I assign VLANs using RADIUS on my managed switch using CLI commands?
Regards,
DaneA
NETGEAR Community Team
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Vlan versus radius
@DaneA These examples are username/password based VLAN associations - not what the OP is looking for.
In continuation of these examples above. one might want to add a catch-all VLAN if a user resp. a system doesn't succeed with the username/password, so the system is put on a VLAN used for guest, for a staging environment, ...
Now the username/password authentication from the examples must be changed to pure MAC address check, e.g in a RADIUS.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Vlan versus radius
Yes! That it!!
I am not looking for validate with user/password,... i am looking to validate via mac: So, if the mac (connected in one aleatory port of the switch) is okey/autorhired/is in the mac autorized bbdd--> vlan 1 to switch. If the mac is not in the mac autorized bbdd--> switch assign vlan 10
(the number of vlan are examples).
So:
1.How must i configure the switch? like this?
or this?
2.How exactly must i configure the radius?? Can you show me??
Thank you!
Regards
Eduardo