Configuring Non-Supplicant Policies - Alcatel-Lucent OmniSwitch 6800 Series Network Configuration Manual
Hide thumbs
Also See for OmniSwitch 6800 Series:
- Management manual (292 pages) ,
- Hardware user's manual (134 pages) ,
- User manual (32 pages)
Table of Contents
Advertisement
Configuring 802.1X
Configuring Non-supplicant Policies
Non-supplicant policies are used to classify non-802.1x devices connected to 802.1x-enabled switch ports.
There are two types of non-supplicant policies. One type uses MAC authentication to verify the non-
802.1x device. The second type does not perform any authentication and limits device assignment only to
those VLANs that are not authenticated VLANs.
To configure a non-supplicant policy that will perform MAC authentication, use the
cant policy authentication
ify one or more policies for classifying devices:
supplicant policy keywords
group-mobility
vlan
default-vlan
block
pass
fail
When multiple policies are specified, the policy is referred to as a compound non-supplicant policy. Note
that the order in which parameters are configured determines the order in which they are applied.
To configure a compound non-supplicant policy, use the pass and fail keywords to specify which policies
to apply when MAC authentication is successful but does not return a VLAN ID and which policies to
apply when MAC authentication fails. The pass keyword is implied and therefore an optional keyword. If
the fail keyword is not used, the default action is to block the device when authentication fails.
Note. When a policy is specified as a policy to apply when authentication fails, device classification is
restricted to assigning non-supplicant devices to VLANs that are not authenticated VLANs.
To configure a non-supplicant policy that will not perform MAC authentication, use the
supplicant policy
command. The following keywords are available with this command to specify one or
more policies for classifying devices
supplicant policy keywords
group-mobility
vlan
default-vlan
block
Note that this type of policy does not use 802.1x or MAC authentication. As a result, all of the available
policy keywords restrict the assignment of the non-supplicant device to only those VLANs that are non-
authenticated VLANs. The pass and fail keywords are not used when configuring this type of policy.
OmniSwitch 6800/6850/9000 Network Configuration Guide
command. The following keywords are available with this command to spec-
:
Configuring Access Guardian Policies
March 2008
802.1x non-suppli-
802.1x non-
page 27-17
Advertisement
Table of Contents
