How to set Dynamic QoS with FreeRADIUS server ? Follow
Model
ECS4110-28P
1. Configure the freeRADIUS server
vi /etc/freeradius/client.conf
client 192.168.1.0/24 {
secret = testing123
shortname = private-network-1
}
vi /etc/freeradius/eap.conf
default_eap_type = md5
vi /etc/freeradius/users
test User-Password := "test"
Framed-Filter-Id = "rate-limit-input=12345;switchport-priority-default=3;"
NOTE:
The RADIUS server may optionally return dynamic QoS assignments to be applied to a switch port for an authenticated user. The "Filter-ID" attribute (attribute 11) can be configured on the RADIUS server to pass the following QoS information:

p.s. Refer the management guide manual.
2. Set IP address on VLAN 1
Console#conf
Console(config)#interface vlan 1
Console(config-if)#ip address 192.168.1.1 255.255.255.0
Console(config-if)#exit
3. Specifies the RADIUS servers and the corresponding secret key
Console(config)#radius-server 1 host 192.168.1.13 key testing123
4. Enables dot1x globally on the switch
Console(config)#dot1x system-auth-control
5. Enables dot1x mode and dynamic QoS feature on port 1
Console(config)#interface ethernet 1/11
Console(config-if)#dot1x port-control auto
Console(config-if)#network-access dynamic-qos
Console(config-if)#exit
Console(config)#
6. Enables authentication methods with the MD5-Challenge on the TESTPC1's network card.

p.s. How to re-enable EAP-MD5 support in versions of Windows Vista or Windows 7 ?
7. Connect the PC to the switch port 1 then click the pop-up message.

8. Enter the username and password.

9. Check the result.
Console#show interfaces switchport ethernet 1/11

Comments
0 comments
Please sign in to leave a comment.