This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

MAC End system Rule untagged and tagged Vlan

MAC End system Rule untagged and tagged Vlan

dpanev
Contributor

Thursday

Hello everyone,

I want to create a rule in which Untagged and Tagged Vlans are passed to an End system group. MAC authentication takes place. Apparently I'm blind because it can't be that difficult. If it is, it should be started here because this is unnecessarily complicated. As a rule, I can only select tagged or untagged and define a Vlan. That makes little sense.

 

Best Regards

0 Kudos
3 REPLIES 3

Ryan_Yacobucci
Extreme Employee

Thursday

Hello,

In Control --> Policy --> Roles/Services --> Select your Role --> Click the "VLAN Egress" tab --> Specific which VLAN and it's tagging style.

If you're doing multiple egresses on Fabric Engine you need to specific the FA-VLAN-ISID=0:<isid> for untagged egress and FA-VLAN-ISID=<VLANID>:<ISID> for tagged egress. 

Usage of the RADIUS attributes lists is necessary to send multiple FA-VLAN-ISID AVPs

Thanks
-Ryan

0 Kudos

dpanev
Contributor

Thursday

Ok i know now how.....but i dont like it 😉

0 Kudos

Bartek
Contributor
In response to dpanev

6 hours ago

For EXOS/Switch Engine: Have you tried sending VSA 211: Extreme-Netlogin-Extended-Vlan? According to user guide: "This attribute specifies one or more destination VLANs that the RADIUS server sends to the switch after successful authentication." Probably you can send this attribute as Custom variable specified in Policy Mappings. I never did it myself so I'm just curious 

0 Kudos
GTM-P2G8KFN