Administrator Guide
Conguring Dynamic VLAN Assignment with Port
Authentication
Dell Networking OS supports dynamic VLAN assignment when using 802.1X.
The basis for VLAN assignment is RADIUS attribute 81, Tunnel-Private-Group-ID. Dynamic VLAN assignment uses the standard dot1x
procedure:
1 The host sends a dot1x packet to the Dell Networking system
2 The system forwards a RADIUS REQEST packet containing the host MAC address and ingress port number
3 The RADIUS server authenticates the request and returns a RADIUS ACCEPT message with the VLAN assignment using Tunnel-
Private-Group-ID
The illustration shows the conguration on the Dell Networking system before connecting the end user device in black and blue text, and
after connecting the device in red text. The blue text corresponds to the preceding numbered steps on dynamic VLAN assignment with
802.1X.
Figure 8. Dynamic VLAN Assignment
1 Congure 8021.x globally (refer to Enabling 802.1X) along with relevant RADIUS server congurations (refer to the illustration
in
Dynamic VLAN Assignment with Port Authentication).
2 Make the interface a switchport so that it can be assigned to a VLAN.
3 Create the VLAN to which the interface will be assigned.
4 Connect the supplicant to the port congured for 802.1X.
100
802.1X