ExtremeCloud IQ- Site Engine & Extreme Management Center

Expand all | Collapse all

How to assign tagged VLAN and policy with NAC for user port?

  • 1.  How to assign tagged VLAN and policy with NAC for user port?

    Posted 10-23-2017 04:59
    Hi,
    we are using NAC to assign policies and a location-dependent VLAN-ID for untagged VLANs on our User ports (Summit x450-G2- and Enterasys G3-Switches).
    So we have at Control / Access Control / Configuration / Policy Mappings a policy mapping table which defines what VLAN is to be used for each profile depending on location. (f.e. profile "printer" VLAN is 20 at location A and 30 at location 😎.
    At NAC configuration the setting "RADIUS-Attributes to send" for our switches is set to "RFC 3580 - VLAN-ID and Extreme Policy".

    Question 1: At Policy Mappings Table the is a column "VLAN egress" which can be set to tagged, untagged, same as ingress and user-defined. When I select "tagged" here, the VLAN is still untagged at user port, maybe because RFC3580 does not include taggedd or untagged information. What must I do if I want to assign a tagged VLAN for a NAC user profile / mapping?

    Question 2: Policy mapping Table is named "default". Can I use multiple mapping tables somehow?


  • 2.  RE: How to assign tagged VLAN and policy with NAC for user port?

    Posted 01-26-2018 12:07