Hello Community, Please, anybody with a working implementation of VLAN enforcement setup please reply me.
Specifically, I'm looking for a clearer instructions on how to configure PacketFence for the following scenario: - User plugs into wired port - 802.1X login (AD credentials) - If device is not registered → forced into Registration VLAN - Captive portal appears - User logs in again → device registered - PacketFence reauthenticates device Based on AD group: Staff → VLAN 251 Student → VLAN 253 - WiFi is connected on an in-line interface The installation guide is not beginner-friendly and tends to be confusing. I will greatly appreciate anybody who can point me in the right direction. Regards, Nagasuki On Sun, Mar 29, 2026, 19:52 Nagasuki <[email protected]> wrote: > Hello. I am in the process of implementing PacketFence, and my intention > is to deploy a setup that does the following: > > - User plugs into wired port > - 802.1X login (AD credentials) > - If device is not registered → forced into Registration VLAN > - Captive portal appears > - User logs in again → device registered > - PacketFence reauthenticates device > Based on AD group: > Staff → VLAN 251 > Student → VLAN 253 > - WiFi is connected on an in-line interface > > So far I have done: > 1. Configuration of management interfaces and IP > > 2. Configured a second trunk interface and on it I specified > sub-interface IPs and VLANing for isolation and registration networks > > 3. Specified VLANs without IPs (and type 'Other' for two more VLANs that > will be normal VLANs each for staff and students > > 4. On the physical switch, I configured a trunk port going to the > PacketFence second interface, plus an access port going to the PacketFence > management network. I also configured two test access ports with 802.1x > fully configured for VLAN enforcement > > 5. In PacketFence, I joined domain and also specified base and bind DNs. > These are all confirmed to be working > > 6. I also added a test switch, created two additional roles that I intend > to map staff and students' VLANs to. On the switch (in PacketFence), I also > further configured the roles and specified VLAN IDs for registration, > isolation, staff, students, and guest > > 7. I have also associated both the default and null realms with my domain > > Please guide me step by step to configure the remaining componets for my > deployment. > > Regards, > Nagasuki >
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
