Dell PowerConnect B-FCXs Configuration Manual page 586

15
Sample application
FIGURE 111
Host A MAC address is statically mapped to VLAN 1 with priority 1 and is not subjected to RADIUS
authentication. When Host B MAC address is authenticated, the Access-Accept message from the
RADIUS server specifies that Host B MAC address be placed into VLAN 2. Since Host C MAC
address is not present in the RADIUS server, Host C will be rejected by the server and its MAC
address will be placed into a restricted VLAN.
Below is the configuration for this example.
module 1 FCX-48-port-management-module
module 2 FCX-xfp-1-cx4-2-port-16g-module
vlan 1 by port
untagged ethe 0/1/10
mac-vlan-permit ethe 0/1/1 to 0/1/2
no spanning-tree
vlan 2 by port
untagged ethe 0/1/30
mac-vlan-permit ethe 0/1/1 to 0/1/2
no spanning-tree
vlan 666 name mac_restricted by port
untagged ethe 0/1/20
mac-vlan-permit ethe 0/1/1 to 0/1/2
no spanning-tree
vlan 4000 name DEFAULT-VLAN by port
no spanning-tree
vlan 4004 by port
mac-vlan-permit ethe 0/1/1
default-vlan-id 4000
ip address 10.44.3.8 255.255.255.0
ip default-gateway 10.44.3.1
radius-server host 10.44.3.111
radius-server key 1 $-ndUno
mac-authentication enable
mac-authentication max-age 60
544
Sample MAC-based VLAN configuration
Power PS1
1
PS2
2
Console
Lnk/
Act FDX
49C Lnk/ FDX
Act
49F 50F
Lnk
50C
Act
Untagged
Host station A
MAC: 0030.4888.b9fe
RADIUS Server
User: 0030.4875.3f73 (Host B)
Tunnel-Private-Group-ID = VLAN2
No profile for MAC 0030.4875.3ff5
(Host C)
13 25 37
14 26 38
Port e1
mac-vlan-permit
Hub
Untagged
Untagged
Host station B
MAC: 0030.4875.3f73 MAC: 0030.4875.3ff5
PowerConnect B-Series FCX Configuration Guide
Device
Host station C
53-1002266-01