We have two VLANS that are trunked from EX3300 switch A to EX3300 switch B. Switch B has MAC RADIUS. How do we get MAC RADIUS to work on all VLANs? We want the RADIUS server to determine which VLAN the new device added to the network falls on. Here is our current config. Are we doing something wrong?
root@switch-data# show
## Last changed: 2022-08-18 07:57:15 EDT
version 12.3R6.6;
system {
host-name switch-data;
time-zone EST;
root-authentication {
encrypted-password
}
login {
user admin {
uid 2005;
class super-user;
authentication {
encrypted-password
}
}
user contractor {
uid 2006;
class operator;
authentication {
encrypted-password
}
}
user gtadmin {
uid 2007;
class super-user;
authentication {
encrypted-password
}
}
}
services {
ssh {
protocol-version v2;
}
telnet;
netconf {
ssh;
}
web-management {
http;
}
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
ntp {
server 132.163.96.3;
}
}
interfaces {
interface-range VTXRegistration {
member-range ge-0/0/0 to ge-0/0/46;
unit 0 {
family ethernet-switching {
port-mode access;
vlan {
members VTX-Registration;
}
}
}
}
ge-0/0/0 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/1 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/2 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/3 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/4 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/5 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/6 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/7 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/8 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/9 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/10 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/11 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/12 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/13 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/14 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/15 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/16 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/17 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/18 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/19 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/20 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/21 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/22 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/23 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/24 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/25 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/26 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/27 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/28 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/29 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/30 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/31 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/32 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/33 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/34 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/35 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/36 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/37 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/38 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/39 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/40 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/41 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/42 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/43 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/44 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/45 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/46 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/47 {
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members all;
}
native-vlan-id 210;
}
}
}
ge-0/1/0 {
unit 0 {
family ethernet-switching;
}
}
xe-0/1/0 {
unit 0 {
family ethernet-switching;
}
}
ge-0/1/1 {
unit 0 {
family ethernet-switching;
}
}
xe-0/1/1 {
unit 0 {
family ethernet-switching;
}
}
ge-0/1/2 {
unit 0 {
family ethernet-switching;
}
}
ge-0/1/3 {
unit 0 {
family ethernet-switching;
}
}
vlan {
unit 210 {
family inet {
address 10.210.73.249/24;
}
}
}
}
snmp {
name isofy_snmp;
client-list list0 {
10.210.73.1/24;
}
community isofyread {
authorization read-only;
client-list-name list0;
}
community isofywrite {
authorization read-write;
client-list-name list0;
}
}
forwarding-options {
helpers {
bootp {
server 10.210.73.1;
interface {
vlan.210;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 10.210.73.1;
}
}
protocols {
igmp-snooping {
vlan all;
}
dot1x {
authenticator {
interface {
ge-0/0/1.0 {
supplicant multiple;
transmit-period 10;
mac-radius {
restrict;
}
reauthentication 3600;
supplicant-timeout 3;
server-timeout 5;
server-fail deny;
}
ge-0/0/12.0 {
supplicant multiple;
transmit-period 10;
mac-radius {
restrict;
}
reauthentication 3600;
supplicant-timeout 3;
server-timeout 5;
server-fail deny;
}
}
}
}
mstp {
interface ge-0/0/12.0 {
edge;
}
}
lldp {
interface all;
}
lldp-med {
interface all;
}
}
access {
radius-server {
10.210.73.253 secret
}
profile profile1 {
authentication-order radius;
radius {
authentication-server 10.210.73.253;
accounting-server 10.210.73.253;
}
accounting {
order radius;
accounting-stop-on-failure;
accounting-stop-on-access-deny;
}
}
}
ethernet-switching-options {
storm-control {
interface all;
}
}
vlans {
VTX-Guest {
vlan-id 214;
}
VTX-Isolation {
vlan-id 202;
}
VTX-LV-Installer {
vlan-id 215;
}
VTX-Management {
vlan-id 210;
l3-interface vlan.210;
}
VTX-Members {
vlan-id 213;
}
VTX-Registration {
vlan-id 203;
}
}
poe {
interface all;
}
{master:0}[edit]
root@switch-data#
------------------------------
James Summerlin
------------------------------