cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

How to use "netlogin authentication service-unavailable vlan" on Universal Switches

How to use "netlogin authentication service-unavailable vlan" on Universal Switches

JPavel
New Contributor

Hello together,

I am new with Extreme Control and got only in touch with it years ago on G1 switches.

I am just setting up some Universal Switches with 802.1x authentication and would like to have a default vlan all clients should fall into if all Control Engines are unavailable, so something like the "configure netlogin authentication service-unavailable" on the older G1 switches.

We are only using the "RFC3580 VLAN Authorization" and no policies so far and right now I have no glue how I should have a fallback vlan if the authentication services are not available because the config parameter "configure netlogin authentication service-unavailable" is not available on the Universal Switches.

Can you please give me an idea how to accomplish that.

Thanks in advance for your help

Joerg

5 REPLIES 5

Ryan_Yacobucci
Extreme Employee

Hello,

We can't create a default policy that's only triggered when Control is un-available. If Control responds with an unconfigured filter-ID the default policy is also used.

Looking at a x440g2 if I "disable policy" the command for service-unavailable is now shown:

Ryan_Yacobucci_0-1669134761022.png

If you are only using RFC 3580 I think you may be able to use this command.
Thanks
-Ryan

Ryan_Yacobucci
Extreme Employee

Hello,

Default VLAN or default policy on the port will be used in case of a RADIUS communication failure.

Please see following article: https://extremeportal.force.com/ExtrArticleDetail?an=000107144

Thanks
-Ryan

Hello Ryan,

thanks for your reply.

We need to go fore the provided solution with "authentication optional and a default admin policy".
But I don't know if the solution works the way we want it to.
We will implement this in the next days our customer site and will see if it works as we expected it to work.

Regards

Joerg

JPavel
New Contributor

Hi,

sorry, of course I meant "default role" not default policy šŸ˜‰

Regards

Joerg

GTM-P2G8KFN