www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices
 
 SearchSearch  RegisterRegister  UsergroupsUsergroups 
 ProfileProfile  Log inLog in  Log in to check your private messagesPrivate Message 

Problem with dynamic VLAN assignment on AP WiFi (WNAP-210)

 
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> Wireless Networks
View previous topic :: View next topic  
Author Message
ReneR



Joined: 22 Nov 2011
Posts: 4
PostPosted: Tue Nov 29, 2011 1:26 pm    Post subject: Problem with dynamic VLAN assignment on AP WiFi (WNAP-210) Reply with quote
Hi Fulvio.

I have a problem with ZS & AP-WiFi WNAP210/Netgear & RADIUS authentication.
My network (test bed) :

(Internet)---[Router]---(LAN)---[Zeroshell]---(Trunk)---[WNAP210]...(2 x SSID)...[Mac / OS X]

Zeroshell : Relase 1.0 Beta 16
    ETH00 = LAN
    Trunk : VLAN native + VLAN-3 + VLAN-5
    SSID-1 -> VLAN-3/ETH01
    SSID-2 -> VLAN-5/ETH01

In Zeroshell
    Router
    DHCP : enabled in 2 VLAN (3 & 5)
    DNS : enabled
    RADIUS : enabled
    NTP : enabled (client + server)

In WNAP-210
    2 SSID : SSID-1 & SSID-2 each on VLAN (SSID-1 -> VLAN-3, SSID-2 -> VLAN-5)

The tests :
Tests with 2 x SSID in WPA2 / PSK+AES (preliminary tests) :
    Connection to each SSID OK.
    DHCP set @IP to the Mac OS X in the correct VLAN (SSID-1 -> @IP/VLAN-3, SSID-2 -> @IP/VLAN-5) : OK.
    Surf to Internet : OK -> (DNS : OK).

Tests with RADIUS (WPA2 entreprise) :
    Add 2 users in the menu "users", each user allocated to one VLAN (user-1 -> VLAN-3, user-2 -> VLAN-5).
    Install the user's certificates in the computer : OK.
    Connection EAP-TLS to the respective SSID in WPA2 entreprise (user-1 -> VLAN-3, user-2 -> VLAN-5) : OK.
    Crossed connexion to the 2 SSID (user-1 -> VLAN-5, user-2 -> VLAN-3) Evil or Very Mad : OK !!! The right behaviour is to abort the connexion or route the Mac OS X to the right VLAN ?!

Questions :
    It's a mistake for me ? Shocked
    Has anybody tested the WNAP-210 in dynamic VLAN assignment ?
    Anybody can confirm me the compliance (of the WNAP-210) with RFC 2868 / Updates RFC 2865 ?
    Is there another AP WiFi (b.e.: WAP4410 Cisco) work correct with Zeroshell ?

Thanks for your nice assistance and excuse me for my frightening English Embarassed
Back to top
View user's profile Send private message
myki



Joined: 31 Jan 2012
Posts: 2
PostPosted: Tue Jan 31, 2012 3:29 pm    Post subject: Reply with quote
Hello,

I have exactly the same problem as you (vlan and ... english language).

I'm using the same configuration as you (2 SSID with different vlan), a linksys AP with dd-wrt and cisco switch (both supporting 802.q).

The result of my tests is the same. All is working (dhcp per vlan, ...) exept that with the 2 vlan i 'm able to connect with a user configured only for one vlan (Radius vlan parameters on the user manager).

I'm using the Zeroshell Relase 1.0 Beta 16

Have you find the solution to your problem ?

Thanks.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> Wireless Networks All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group