Header Only - DO NOT REMOVE - Extreme Networks

mac to role for VoIP Phones and TVCC


Userlevel 1
Good Evening, I am going to configure a new EMC to manage different Switch EOS and XOS.
Because I am new with this Software I want to know if is there a possibility to create a MAC to ROLE to check and put on a correct Vlan Phones and TVCC from the OUI. Is necessary insert a password for every phones/TVCC or not ? Thanks in advance Giuseppe

6 replies

Userlevel 6
Hello,

MAC to Role mapping mapping support is based on platform. Please check the following firmware support documentation to identify if your platform supports MAC to Role Mapping.

https://documentation.extremenetworks.com/release_notes/netsight/9035428_FirmwareSupport.pdf

You can configure a Mapping with mask for an OUI match. There is no tool tip in Extreme Management Center, but the format is 11:22:33:00:00:00/24. If any digits are outside of the masked range they will be turned into 0s.

This is also something that Extreme Control is very good at, and can apply policy based on MAC or MAC oui in a manageable group, with MAC to Role mappings if you have large amounts of MACs, or OUIs each one will take up a rule slot.

I'm not sure what you mean by "Is it necessary to insert a password for every phone". Could you elaborate?

Thanks
-Ryan
Userlevel 1
Good Morning, first of all thanks for your reply.
Reading around the web I found that to work with mac authentication ( or mac to role ) it was necessary create a connection to a Radius Server and put one password for every mac. I am doing some test because the target is ceate a rule to apply to all phones and to all TVCC. The next step will be UPM using EMC. Thanks and Have a nice day, Bye Giuseppe
Userlevel 6
If using an Extreme Control appliance then there is no need to create a password for every MAC. Extreme Control will successfully authenticate any MAC authentication and password without configuration. Extreme Control uses MAC authentication for visibility and policy assignment.

Thanks
-Ryan
Userlevel 6
On EXOS 22.2/22.3/22.4 MAC-to-Role Mapping seems to be possible but only at "port-level" not "device level".
Unfortunately i do not figured out how to configure that!
Userlevel 6
M.Nees wrote:

On EXOS 22.2/22.3/22.4 MAC-to-Role Mapping seems to be possible but only at "port-level" not "device level".
Unfortunately i do not figured out how to configure that!

code:

This explains how to configure:

https://emc.extremenetworks.com/content/polman/docs/l_p_at_port_prop_gen.html#mappings

configure policy profile 1 name "Innovaphone" pvid-status "enable" pvid 172 untagged-vlans 172
configure policy rule admin-profile macsource 00-90-33-00-00-00 mask 24 port-string 1 admin-pid 1
configure policy rule admin-profile macsource 00-90-33-00-00-00 mask 24 port-string 2 admin-pid 1[/code]But i have to check this in lab if it works well ...
Userlevel 6
M.Nees wrote:

On EXOS 22.2/22.3/22.4 MAC-to-Role Mapping seems to be possible but only at "port-level" not "device level".
Unfortunately i do not figured out how to configure that!

There is a bug in 22.5 - but 22.4 or 22.5 Patch2-2 works!

Reply