| Description | This article describes steps on how to configure dynamic assigned tag vlan on Radius Server. |
| Scope | FortiSwitch and FortiGate 7.0.x and above. |
| Solution |
In some cases, requirement is to push dynamic assigned tag vlan from radius server to the FortiSwitch for VOIP devices.
Starting in FortiSwitchOS 7.0.0, the following RADIUS attributes can be used to configure dynamic non-native VLANs:
1) Egress-VLANID 2) Egress-VLAN-Name
For more details, refer page#139
Refer to the below explanation on how to configure the radius server to send Egress-VLAN ID attribute.
Egress-VLAN ID: 'Provides the VLAN identifier and controls whether egress packets are tagged (56). To set the VLAN ID value, use 0x31 for a tagged VLAN or 0x32 for an untagged VLAN.'
Here is an example of how Hex value is calculated for a tagged VLAN 30 thats will be returned to FortiSwitch. 0x31<000><VLAN-ID in Hex> the value of 30 in Hex is 1E, another 0 must be padded making it 01E. Finally, the Hex value for a tagged VLAN 30 is 0x3100001E. Now, convert HEX to Decimal. 0x3100001E in decimal is 822083614. Configuration on Radius server should be something like this (Here FortiConnect is being used)
Below is Wireshark Capture which shows the return attribute:
Helpful link:-
Reference KB articles:-
|
Unlock Exclusive Benefits
Join Our Community Today!
Join our community and post in the forum to earn your exclusive Spring Badge! Become a member today!
LOGIN/REGISTER
CONTINUE AS A GUEST
- Support Forum
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiADC
- FortiAIOps
- FortiAnalyzer
- FortiAP
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDLP
- FortiDeceptor
- FortiDirector
- FortiDevSec
- FortiEdgeCloud
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiGuest
- FortiInsight
- FortiIsolator
- FortiMail
- FortiMonitor
- FortiManager
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiPresence
- FortiSRA
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiScan
- FortiSandbox
- FortiSASE
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiWAN
- FortiToken
- FortiVoice
- FortiWeb
- FortiAppSec Cloud
- RMA Information and Announcements
- Lacework
- Wireless Controller
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
FortiSwitch
FortiSwitch: secure, simple and scalable Ethernet solutions
- Fortinet Community
- Knowledge Base
- FortiSwitch
- Technical Tip: RADIUS attributes to configure dyna...
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2025 Fortinet, Inc. All Rights Reserved.