Enabling VLAN via RADIUS Attributes

This describes how to configure VLAN settings through RADIUS attributes and add them to a client. For further info look here. To enable general attributes check out Enabling RADIUS Attributes for setup information.

1. Create the Attribute Set

Go to the 'RADIUS Attributes' page and click the 'Add Attributes' button. Name your Attribute Set to create it.

2. Constant Classes for VLAN

Click the 'Manage classes' button (3 horizontal bars) in the 'Action' section. This will allow you to add/remove classes for your RADIUS Attributes. For Constant Attributes, we support 2 attributes:

• Tunnel-Type=VLAN
• Tunnel-Medium-Type=IEEE-802

You can click to add the 'Constant' class and then click 'Edit Ruleset' to open the page shown in the screenshot below. Then select and add in the constant attribute by typing it into the Radius Attribute dropdown. The value can then be added in like this:

3. Conditional Rules for VLAN

If you'd like to set conditional rules instead, please select a Class that isn't constant (Group, CA, etc.) and choose the Radius Attribute 'Tunnel-Private-Group-Id'. Then click 'Add Rule' and you should be able to select the instance of the group/CA/object and set a value 'x' to each instance of the object where 'x' is the VLAN number. There is also a default value, which will assign any unspecified instance of the object to the VLAN number specified (in this case it will be sent to VLAN number 0).

4. Assign the attributes to a client

Go to either the 'RADIUS Clients' page, 'RADIUS Servers', or 'RadSec' page. In the 'RADIUS Attributes' column, select the Attribute Set you just created. Whenever a request is sent to that client, successful logins will return attributes according to that Attribute Set's specifications.

NOTE: In order to delete an Attribute Set, it must not be associated with any RADIUS Clients.