Hi,
I am trying to use captive portal on EX3400 to authenticate when the user is connecting to the switch and assign specifc vlan base on their identity. However, I found that it seems not possible to accomplish this on EX platform.
Here is what I expect.
1. User connect to the switch
2. User has no 802.1X enabled so will failed the dot1X authentication and assigned a guest VLAN
3. IP address of guest VLAN is assigned to the user
4. User can connect to the captive portal because the guest vlan IP is assigned
5. User was authenticated through the captive portal
6. Radius server assign another vlan(e.g. staff_vlan) through the tunnel ID attribute
7. The vlan of that access port is changed
8. The user will initiate a port bounce and re-obtain a new IP from the new vlan
I have tried something similar but turns out the new vlan cannot be assigned after the user is authenicated through the captive portal.
Any ideas?
