Extreme Networks ExtremeWare XOS Guide Manual page 353
Concepts guide
Hide thumbs
Also See for ExtremeWare XOS Guide:
- Command reference manual (2024 pages) ,
- Manual (496 pages) ,
- Command reference manual (1712 pages)
Table of Contents
Advertisement
The NetLogin-Url and NetLogin-Url-Desc attributes are used in case of Web-based login as the page to
use for redirection after a successful login. Other authentication methods will ignore these attributes.
The other attributes are used in the following order to determine the destination VLAN to use:
Extreme: Netlogin-Extended-VLAN (VSA 211)
●
Extreme: Netlogin-VLAN-Name (VSA 203)
●
Extreme: Netlogin-VLAN-ID (VSA 209)
●
IETF: Tunnel-Private-Group-ID representing the VLAN TAG as a string, but only if IETF: Tunnel-
●
Type == VLAN(13) and IETF: Tunnel-Medium-Type == 802 (6).
If none of the previously described attributes are present ISP mode is assumed, and the client remains
in the configured VLAN.
Guidelines and Examples for Using VSAs
This section contains guidelines and examples for using the Extreme Networks VSAs listed in
The examples in this section use FreeRADIUS to modify the VSA. Depending on your RADIUS server,
configuration might be different.
NOTE
For information on how to use and configure your RADIUS server, please refer to the documentation that came with
your RADIUS server.
VSA 211—Extreme: Netlogin-Extended-VLAN. The following describes the guidelines for VSA 211:
For tagged VLAN movement with 802.1x netlogin, you must use VSA 211.
●
For untagged VLAN movement with 802.1x netlogin, you can use all current Extreme Networks
●
VLAN VSAs: VSA 203, VSA 209, and VSA 211.
To specify the VLAN name or the VLAN ID, use an ASCII string; however, you cannot specify both
●
the VLAN name and the VLAN ID at the same time. If the string only contains numbers, it is
interpreted as the VLAN ID.
For tagged VLANs, specify
●
For untagged VLANs, specify
●
For movement based on the incoming port's traffic, specify
●
The behavior can be either tagged or untagged, based on the incoming port's traffic, and mimics the
behavior of VSA 203 and VSA 209, respectively.
VSA 211 Examples. The following examples use FreeRADIUS to modify the VSA to support tagged or
untagged VLANs using either the VLAN name or the VLAN ID.
Configuring VLAN names
●
The three options to use when configuring VLAN names are:
—Include before the VLAN name for a tagged VLAN
■
T
—Include before the VLAN name for an untagged VLAN
■
U
—Include before the VLAN name for movement based on the incoming port's traffic (mimics
■
*
the behavior of VSA 203)
To configure the tagged VLAN voice, do the following:
Extreme-Netlogin-Extended-VLAN = Tvoice
ExtremeWare XOS 11.3 Concepts Guide
for tagged before the VLAN name or VLAN ID.
T
for untagged before the VLAN name or VLAN ID.
U
Authenticating Users
before the VLAN name or VLAN ID.
*
Table
49.
353
Advertisement
Chapters
Table of Contents
Troubleshooting
Related Manuals for Extreme Networks ExtremeWare XOS Guide
Related Products for Extreme Networks ExtremeWare XOS Guide
- Extreme Networks ExtremeWare Command
- Extreme Networks ExtremeWare Enterprise Manager
- Extreme Networks EPICenter Guide
- Extreme Networks ExtremeXOS ScreenPlay
- Extreme Networks ExtremeWireless AP460i
- Extreme Networks ExtremeWireless AP460e
- Extreme Networks ExtremeSwitching X440-G2-24p-10GE4
- Extreme Networks ExtremeSwitching X440-G2-24t-10GE4-DC
- Extreme Networks ExtremeSwitching X440-G2-24fx-GE4
- Extreme Networks ExtremeSwitching X450-G2-24p-GE4
- Extreme Networks ExtremeSwitching X450-G2-24p-10GE4
- Extreme Networks ExtremeSwitching X460-G2-24t-10GE4
- Extreme Networks ExtremeSwitching X460-G2-24p-GE4
- Extreme Networks ExtremeSwitching X620-16x
- Extreme Networks ExtremeSwitching X670-G2-48x-4q
- Extreme Networks ExtremeSwitching X620-8t-2x