Multiple Supplicant Support - Extreme Networks ExtremeWare 7.2e Installation And User Manual

Software version 7.2e

Table 30: VSA definitions for web-based network login

| VSA | Attribute Value | Type | Sent-in | Description |
|---|---|---|---|---|
| Extreme-Netlogin-Vlan | 203 | String | Access-Accept | Name of destination VLAN (must already exist on switch) after successful authentication. |
| Extreme-Netlogin-Url | 204 | String | Access-Accept | Destination web page after successful authentication. |
| Extreme-Netlogin-Url-Desc | 205 | String | Access-Accept | Text description of network login URL attribute. |
| Extreme-Netlogin-Only | 206 | Integer | Access-Accept | Determines if user can authenticate via other means, such as telnet, console, SSH, or Vista. A value of "1" (enabled) indicates that the user can only authenticate via network login. A value of zero (disabled) indicates that the user can also authenticate via other methods. |

Table 31: VSA definitions for 802.1x network login

| VSA | Attribute Value | Type | Sent-in | Description |
|---|---|---|---|---|
| Extreme-Netlogin-Vlan | 203 | String | Access-Accept | Name of destination VLAN (must already exist on switch) after successful authentication. |

NOTE
The Extreme Networks vendor ID is 1916.

Multiple Supplicant Support

An important enhancement over the IEEE 802.1x standard is that ExtremeWare allows multiple clients (supplicants) to be individually authenticated on the same port. This feature makes it possible for two client stations to be connected to the same port, with one being authenticated and the other not. A port's authentication state is the logical "OR" of the individual MACs' authentication states. In other words, a port is authenticated if any of its connected clients is authenticated. Multiple clients can be connected to a single port of the authentication server through a hub or layer-2 switch.

Multiple supplicants are supported in ISP mode for both web-based and 802.1x authentication. Multiple supplicants are not supported in Campus mode. Versions of ExtremeWare before version 7.1.0 did not support multiple supplicants.

The choice of web-based versus 802.1x authentication is again made on a per-MAC basis. Among multiple clients on the same port, it is possible that some clients use web-based mode to authenticate and others use 802.1x.

There are certain restrictions for multiple supplicant support:
• Web-based mode will not support Campus mode for multiple supplicants because, once the first MAC is authenticated, the port is moved to a different VLAN, and therefore the other unauthenticated clients (which are still in the original VLAN) cannot have layer 3 message transactions with the authentication server.
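The VSA definitions in Tables 30 and 31, as an added example that is not part of the manual or of ExtremeWare: a decoder that extracts the Extreme-Netlogin attributes from the attribute bytes of an Access-Accept and rejects malformed lengths instead of guessing. It assumes the RFC 2865 Vendor-Specific layout (type 26, a 4-byte vendor ID, then sub-attributes with a 1-byte type and 1-byte length); the function names, the vendor ID 4242 and the sample bytes are constructed for illustration.

```python
import struct

VENDOR_SPECIFIC = 26        # RADIUS attribute type that carries VSAs (RFC 2865)
EXTREME_VENDOR_ID = 1916    # vendor ID from the NOTE
EXTREME_VSAS = {            # attribute values and types from Tables 30 and 31
    203: ("Extreme-Netlogin-Vlan", "string"),
    204: ("Extreme-Netlogin-Url", "string"),
    205: ("Extreme-Netlogin-Url-Desc", "string"),
    206: ("Extreme-Netlogin-Only", "integer"),
}

def tlvs(buf, what):
    """Yield (type, value) pairs from a 1-byte-type / 1-byte-length TLV run."""
    i = 0
    while i < len(buf):
        if len(buf) - i < 2 or buf[i + 1] < 2 or i + buf[i + 1] > len(buf):
            raise ValueError(f"malformed {what} at offset {i}")
        yield buf[i], buf[i + 2:i + buf[i + 1]]
        i += buf[i + 1]

def decode_extreme_vsas(attrs):
    """Return {name: value} for the Extreme VSAs found in RADIUS attribute bytes."""
    out = {}
    for atype, body in tlvs(attrs, "attribute"):
        if atype != VENDOR_SPECIFIC:
            continue                      # standard attribute, not a VSA
        if len(body) < 4:
            raise ValueError("Vendor-Specific attribute too short for a vendor ID")
        if struct.unpack("!I", body[:4])[0] != EXTREME_VENDOR_ID:
            continue                      # another vendor's VSA
        for vtype, data in tlvs(body[4:], "sub-attribute"):
            if vtype not in EXTREME_VSAS:
                continue                  # not one of the documented VSAs
            name, kind = EXTREME_VSAS[vtype]
            if kind == "integer":
                if len(data) != 4:
                    raise ValueError(f"{name} must be a 4-byte integer")
                out[name] = struct.unpack("!I", data)[0]
            else:
                out[name] = data.decode("utf-8", errors="replace")
    return out

def vsa(vendor_id, vtype, data):  # builds one VSA for the constructed sample
    sub = bytes([vtype, 2 + len(data)]) + data
    return bytes([VENDOR_SPECIFIC, 6 + len(sub)]) + struct.pack("!I", vendor_id) + sub

# Constructed sample: a standard attribute, another vendor's VSA, two Extreme VSAs.
SAMPLE = (bytes([18, 4]) + b"ok" + vsa(4242, 203, b"other")
          + vsa(EXTREME_VENDOR_ID, 203, b"corp")
          + vsa(EXTREME_VENDOR_ID, 206, struct.pack("!I", 1)))
```

Calling `decode_extreme_vsas(SAMPLE)` returns only the two Extreme attributes; the value 203 inside the other vendor's VSA is ignored because the vendor ID does not match 1916.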