Netlogin and spanning tree


Userlevel 1
I'd like to assign a port to a vlan based on a device type. On a switch I've configured netlogin with mac authentication. It's working fine until the NAC doesn't want to assign a port to a vlan, which is part of a spanning tree. It is not working at all. Is it a normal behavior?

5 replies

Userlevel 6
Are you on EXOS 22.2 It added STP support for Netlogin on dynamic vlans.

http://documentation.extremenetworks.com/release_notes/ExtremeXOS/22.2/EXOS_Release_Notes/22.2/c_stp...
Userlevel 1
Stephen Williams wrote:

Are you on EXOS 22.2 It added STP support for Netlogin on dynamic vlans.

http://documentation.extremenetworks.com/release_notes/ExtremeXOS/22.2/EXOS_Release_Notes/22.2/c_stp...

Hi Stephen,
thank you for the advice, but we are using the X440 switches, and as I know, EXOS 22.2 and newer is just supported on the G2 series devices.We're running EXOS version 16.1.2.14.
Do you get an error? Are you using Extremes NAC (NetSight)? Are you using RFC3580?
https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-NAC-to-work-with-RFC3580-...
Userlevel 1
Jeremy Gibbs wrote:

Do you get an error? Are you using Extremes NAC (NetSight)? Are you using RFC3580?
https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-NAC-to-work-with-RFC3580-...

Hi Jeremy,
thanks for the advice. We're using Extreme NAC as you're writing and the X440 Series switches. In the NAC we are using the Extreme NetLogin - VLAN ID RADIUS Attributes profile which is working with VLANS, which are not a part of a SPT domain. But I think, the correct RADIUS Attributes profile should be the Extreme NetLogin - Vlan Name profile. I'm going to try it. I'll see if it help.
Userlevel 1
Jeremy Gibbs wrote:

Do you get an error? Are you using Extremes NAC (NetSight)? Are you using RFC3580?
https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-NAC-to-work-with-RFC3580-...

Hello Jeremy,
you advice helped me. The problem was in the wrong RADIUS Attributes profile. The correct profile is the Extreme Netlogin - Vlan Name profile, as I've written it before. Thanks a lot.

Reply