This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to set up a EXOS Switch using A3

How to set up a EXOS Switch using A3

Go to solution
Yuki_Nakamura
New Contributor II

‎07-19-2021 02:37 PM

Hi All,

I have a question about MAC-based authentication via ExtremeCloud A3

I installed the following systems in my lab and tested the cooperation between ExtremeCloud A3 and EXOS Switch.
But MAC-Based authentication via ExtremeCloud A3 does not work on EXOS Switch.

1. X440-G2-24t-10GE4: Two client PC is connected to this switch.
2. ExtremeCloud A3 : Virtual machine(Standalone), ExtremeCloud A3 is connected to ExtremeCloud IQ and Active Directory.


Do you have a sample configuration of A3 for MAC-based authentication?
I confirmed the A3 Installation and Usage Guide Registration VLAN Version document but there is no?sample configuration.

Best Regards,

Yuki Nakamura.

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
OscarK
Extreme Employee

‎07-20-2021 06:42 AM

Hi,

 

I tested this and no problem using A3 for Mac auth.

I used my A3 setup that I use for dot1x and the mac auth hit the default rule. A3 did send an accept and vlan attributes.

Are you sure the EXOS config is right, did you add a netlogin mac-list (required). 

Depending if you use Onepolicy or vlan you need define the roles correctly in the device settings on A3. netlogin old style (with policy disabled) you need role by vlan-id and assign the vlan-id’s to each role you use.

 

in a3, check auditing for your client and check what role it hits. If there is no client seen check radius config on A3 and exos, possibly restart A3 services to activate any changes you made.

 

View solution in original post

0 Kudos
7 REPLIES 7

Go to solution
OscarK
Extreme Employee

‎07-20-2021 07:13 AM

0820491c8de241b5b4fc697ae424fa38_d03f2b92-a478-4780-adc8-07ed3588d082.png

 

0 Kudos

Go to solution
Yuki_Nakamura
New Contributor II

‎07-20-2021 07:06 AM

Hi

Thank you for your help.
I confirmed that the EXOS config is ?correct and added a netlogin mac-list.

Please confirm about the vlan-id that you explained.
I used the Active Directory in my lab and the following information registered to Active Directory.
To which A3 orActive Directory does the vlan-id information belong?

Filter-Id = Guest,
Tunnel-Type = 13,
Tunnel-Medium-Type = 6,
Tunnel-Private-Group-Id = 101

Can you provide a sample configuration of A3 for MAC-based authentication?

Best Regards,
Yuki Nakamura.

0 Kudos

Go to solution
OscarK
Extreme Employee

‎07-20-2021 06:42 AM

Hi,

 

I tested this and no problem using A3 for Mac auth.

I used my A3 setup that I use for dot1x and the mac auth hit the default rule. A3 did send an accept and vlan attributes.

Are you sure the EXOS config is right, did you add a netlogin mac-list (required). 

Depending if you use Onepolicy or vlan you need define the roles correctly in the device settings on A3. netlogin old style (with policy disabled) you need role by vlan-id and assign the vlan-id’s to each role you use.

 

in a3, check auditing for your client and check what role it hits. If there is no client seen check radius config on A3 and exos, possibly restart A3 services to activate any changes you made.

 

0 Kudos
GTM-P2G8KFN