NAC Private VLAN / Protected Port

  • 0
  • 1
  • Question
  • Updated 1 year ago
  • Answered

how is it possible to define a port as protected port via NAC (Maybe Radius Attributes)?
The aim is a private vlan implementation for some users.
Is it also possible for multiuser authentification at one edge port?

Photo of Ronny Engelhardt

Ronny Engelhardt

  • 310 Points 250 badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of Yacobucci, Ryan

Yacobucci, Ryan, Multi-Tier Technical Support Engineer

  • 5,734 Points 5k badge 2x thumb
Hello Ronny,

It is not possible to set a protected port via NAC  or RADIUS attributes. You can define a VLAN to be used, but the "protected port" feature that prevents protected ports from seeing other protected port traffic is not possible.

It is possible for multi-user authentication at one edge port. Different model switches have different user limitations so I would recommend that you check the release notes for the device you're looking into to determine specific user count limitations.

Photo of M.Nees

M.Nees, Embassador

  • 9,958 Points 5k badge 2x thumb
Defining "protected ports" aka "private vlans" is a nice feature request.

on my current project is was nice if this would be possible but it is not!
Photo of M.Nees

M.Nees, Embassador

  • 9,958 Points 5k badge 2x thumb
on EXOS you can use "port isolation" - see at my other tread "Feature "Protected Port" needed - EXOS and S-Series"