Re: Authentication issue in FAC and firewall
if I got it correctly then now you tested authentication via FAC with synced users, but user is not getting VLAN assigned properly, right ?
If so, then if you do sniff RADIUS Access-Accept (I still believe your user authenticates correctly, and so is accepted), then does that Accept contains proper AVP ? If not, then check group where do you sync the users into from AD/LDAP. Also, that group has to be in RADIUS Client config, otherwise the AVP assigned to group will not be inherited to authenticated user.