Header Only - DO NOT REMOVE - Extreme Networks

How to assign tagged VLAN and policy with NAC for user port?


Userlevel 3
Hi,
we are using NAC to assign policies and a location-dependent VLAN-ID for untagged VLANs on our User ports (Summit x450-G2- and Enterasys G3-Switches).
So we have at Control / Access Control / Configuration / Policy Mappings a policy mapping table which defines what VLAN is to be used for each profile depending on location. (f.e. profile "printer" VLAN is 20 at location A and 30 at location 😎.
At NAC configuration the setting "RADIUS-Attributes to send" for our switches is set to "RFC 3580 - VLAN-ID and Extreme Policy".

Question 1: At Policy Mappings Table the is a column "VLAN egress" which can be set to tagged, untagged, same as ingress and user-defined. When I select "tagged" here, the VLAN is still untagged at user port, maybe because RFC3580 does not include taggedd or untagged information. What must I do if I want to assign a tagged VLAN for a NAC user profile / mapping?

Question 2: Policy mapping Table is named "default". Can I use multiple mapping tables somehow?

Reply