cancel
Showing results for 
Search instead for 
Did you mean: 

Assign one untagged and several tagged ports thru 802.1x with MAC Authentication. (NAC)

Assign one untagged and several tagged ports thru 802.1x with MAC Authentication. (NAC)

Yves_Haslimann
New Contributor III
Hi,

I have an extreme NAC solution which has 802.1x-rules with MAC authentication configured.
In my network there are several VLAN's.
My goal is, to assign one untagged and several tagged VLANs to a port, if a access point is connected on the switch.
Currently, I can assign only the untagged VLAN (management VLAN of the AP).
Is there a way to assing tagged and untagged ports based on the MAC address?

Thanks for your feedback,
Yves
4 REPLIES 4

Yves_Haslimann
New Contributor III
Hi Mike,

thank you for your answer. I will test this in my lab.
Br, Yves

Mike_Thomas
Extreme Employee
So the following Net login rules apply, for the products below.

cdfc623e2c16423eaae0b3a4eca319a7_11875-1pw3rth_inline.png



If you create a end systems group within NAC for the MAC address or some other identifier for the AP's, then you can then add a specific egress policy as well. If that egress policy is just a VLAN for one physical node, than it can be modified accordingly.

cdfc623e2c16423eaae0b3a4eca319a7_14841-14ofj76_inline.png



So in the above, the policy can have a VLAN assigned discretely, or if multiple VLAN egress assignments need to be done (based on only one mac being added to the port), than a filter-id assignment would need to be provided here, and matched up with Policy Manager or policy to modify the egress tab with that software.

cdfc623e2c16423eaae0b3a4eca319a7_14841-1lwbkbj_inline.png


This assumes the X440-G2 is the product, and running fairly recent firmware with it as well.
So this is not a solution discussed above, merely guidance on the discussion.

Yves_Haslimann
New Contributor III
I will connect only one access point per switchport. I have Cisco and Extreme Switches (x440).

Mike_Thomas
Extreme Employee
What type of switch you are connected to? How many devices will be connected to this port ultimately?
GTM-P2G8KFN