I'm trying to configure dynamic VLANs with mac address on a radius server
This is my current config:
dot1x {
authenticator {
authentication-profile-name profile1;
radius-reachability {
query-period 20;
}
radius-options {
use-vlan-id;
}
interface {
ge-0/0/0.0 {
retries 10;
quiet-period 0;
transmit-period 2;
mac-radius {
restrict;
}
no-reauthentication;
server-timeout 5;
server-reject-vlan vlan0081;
server-fail vlan-name vlan0081;
}
}
}
}
My current problem is that for some reason I don't understand, it takes around 2 minutes for the PCs to be placed on the correct vlan [tested on Mac, Windows, and Linux]. Before that, they get placed on my "server reject/server fail" vlan [and I dont have a guest vlan configured].
I captured the traffic using Wireshark on my radius server, and less than 1 second after connecting the host to the switch, the radius server is replaying with an "accept" and the correct vlan id. This makes me think it's a problem with my switch configuration…
Has anyone come across this issue before? Does someone know how to fix it?
------------------------------
Samuel
------------------------------