cancel
Showing results for 
Search instead for 
Did you mean: 

Switch port configuration via Radius for access point

Switch port configuration via Radius for access point

LuisQ
New Contributor
Hello All,
We are migrating to Extreme AP410C access points on XOS 465 switches and would like to know the proper way to configure the ports via Clearpass Radius.  Currently I can have an Extreme access point on an HPE 2930 switch with the following configuration:  (this works!)

class ipv4 sit-apnet
match ip any any
exit
policy user sit-ap
class ipv4 sit-apnet action permit
exit
aaa authorization user-role name "AP-Bridge"
policy sit-ap
vlan-id 10
vlan-id-tagged 20,30,40
device
port-mode
exit
exit

The above config gets passed from clearpass to the the HPE switch, everytime an AP is connected to the switch.  I understand that I cannot use the same with xos switches.  So the question is, how are you guys authenticating APs on XOS and also allow the user traffic on these ports?

I have tried the following, and it seems to put the proper vlans on the port, but user traffic on the user vlans does not seem to get a dhcp address.  I remember when we tried to make it work on the HPE switches, the key was setting the port to "port-mode" so it wouldn't try to authenticate on the user vlans (because this is already done on the AP itself). 

Extreme-Netlogin-Extended-Vlan = U10;T20;T30;

I hope this makes sense.  Thanks for your time.
1 REPLY 1

StephanH
Valued Contributor III
Hello Luis,

I think this discussion will help you:
https://community.arubanetworks.com/community-home/digestviewer/viewthread?MID=26161

Regards
Stephan


------------------------------
Regards
Stephan
------------------------------
Regards Stephan
GTM-P2G8KFN