How to assign tagged VLAN and policy with NAC for user port?

  • 0
  • 1
  • Question
  • Updated 5 months ago
  • Answered
  • (Edited)
Hi,
we are using NAC to assign policies and a location-dependent VLAN-ID for untagged VLANs on our User ports (Summit x450-G2- and Enterasys G3-Switches).
So we have at Control / Access Control / Configuration / Policy Mappings a policy mapping table which defines what VLAN is to be used for each profile depending on location. (f.e. profile "printer" VLAN is 20 at location A and 30 at location B).
At NAC configuration the setting "RADIUS-Attributes to send" for our switches is set to "RFC 3580 - VLAN-ID and Extreme Policy".

Question 1: At Policy Mappings Table the is a column "VLAN egress" which can be set to tagged, untagged, same as ingress and user-defined. When I select "tagged" here, the VLAN is still untagged at user port, maybe because RFC3580 does not include taggedd or untagged information. What must I do if I want to assign a tagged VLAN for a NAC user profile / mapping?

Question 2: Policy mapping Table is named "default". Can I use multiple mapping tables somehow?
Photo of htw

htw

  • 1,144 Points 1k badge 2x thumb

Posted 8 months ago

  • 0
  • 1
Photo of Doug Hyde

Doug Hyde, Technical Support Manager

  • 20,192 Points 20k badge 2x thumb