Table of Contents
Advertisement
Configuring Universal Network Profiles
UNP Configuration Overview
There is no overall switch setting to invoke the UNP feature. Instead, UNP is enabled on individual switch
ports and profiles are created with specific attributes to determine which UNP is applied to specific traffic
received on that port.
Configuring the UNP feature consists of both profile-based and port-based configuration tasks. The tasks
associated with configuring the profiles are global tasks that apply to all UNPs on the switch. The port-
based tasks enable UNP functionality on individual ports. By default, UNP is disabled on all ports even if
profiles exist in the switch configuration.
Profile Configuration Tasks
•
Create a VLAN-based or service-based classification profile. See
page
27-33.
•
Optionally assign a QoS policy list to the profile. See
•
Optionally configure classification rules for the profile. When classification is enabled on a UNP port,
these rules are applied to traffic received on the port to determine which UNP is applied to the traffic.
See"Enabling Dynamic VLAN Profile Configuration" on page
•
Enable or disable dynamic VLAN configuration of the VLANs associated with a VLAN classification-
profile. The status of dynamic VLAN configuration is applied to all VLAN profiles. See
Dynamic VLAN Configuration" on page
•
Enable or disable dynamic configuration of VLAN classification profiles. A dynamic profile is created
only when specific traffic conditions occur on UNP bridge ports. See
Profile Configuration" on page
•
Define a temporary UNP to which devices classified on UNP bridge ports are assigned in the event the
authentication server is down or unreachable. A configurable timer is also available to specify how
long a device remains in this temporary UNP.
on page
27-40.
Port Configuration Tasks
•
Enable or disable UNP functionality on one or more switch ports. When UNP is enabled for a port,
traffic received on that port is then subject to the UNP authentication and classification configuration.
See
"Configuring UNP Port-Based Access Control" on page
•
Enable or disable MAC-based authentication. If MAC authentication is disabled, then classification
rules are applied. See
•
Specify an alternate pass UNP. When MAC authentication is successful but the RADIUS server does
not return a UNP name, the alternate pass UNP is applied to the traffic. See
Pass UNP" on page
•
Enable or disable classification for the UNP port. When classification is enabled, UNP rules are
applied to device traffic if authentication fails or is not available. See
page
27-30.
•
Configure a default UNP for the UNP port. The default UNP is applied to traffic when other classifica-
tion methods do not provide a profile name. See
OmniSwitch AOS Release 7 Network Configuration Guide
27-38.
27-35.
"Enabling MAC Authentication" on page
27-30.
"Configuring Profiles" on
"Configuring QoS Policy Lists" on page
27-35.
"Enabling Dynamic VLAN
See"Configuring an Authentication Server Down UNP"
27-28.
27-29.
"Enabling Classification" on
"Configuring a Default UNP" on page
June 2013
UNP Configuration Overview
27-37.
"Enabling
"Configuring an Alternate
27-31.
page 27-27
- Quick Links:
- Configuring Vlans
Hide quick links:
Advertisement
Table of Contents
