Extreme Networks

EtherNation_Use · ‎01-07-2014

Create Date: Mar 5 2013 9:02AM

HELLO,

can some one help me about NETLOGIN MAC BASE authentication configuration and sceanrio. i want to authenticate my 10 host laptop mac address
in local radius as extreme switch.please share configuration and and how host are authenticated.

i have tried with below config.

here is my config:

configure netlogin vlan nlvlan
enable netlogin mac
enable netlogin ports 4 mac
configure netlogin ports 4 mode port-based-vlans
configure netlogin ports 4 no-restart
configure netlogin add mac-list 88??1d:2a:8b:32 48 ports 4
(from keshab_maharjan)

EtherNation_Use · ‎01-07-2014

Create Date: Mar 7 2013 2:52PM

I actually ran into an issue with case-sensitivity before. Remove the command:
configure netlogin add mac-list 88??1d:2a:8b:32 48 ports 4

by running the command:
configure netlogin add mac-list 88:AE:1D:2A:8B:32 48 ports 4

Also, the username and password in the create netlogin local-user command, make sure those are uppercase too.

Hopefully, that is what is the last command that is missing from the switch. (from ethernet)

EtherNation_Use · ‎01-07-2014

Create Date: Mar 7 2013 5:48AM

please get my full config..

configure netlogin vlan vlan_10
enable netlogin mac
configure netlogin mac authentication database-order local
enable netlogin ports 4 mac
configure netlogin ports 4 mode port-based-vlans
configure netlogin ports 4 no-restart
configure netlogin add mac-list 88??1d:2a:8b:32 48 ports 4
##########################################
X250e-24tdc.19 # sh netlogin port 4
Port : 4
Port Restart : Disabled
Allow Egress : None
Vlan : vlan_10
Authentication : mac-based
Port State : Enabled
Guest Vlan : Disabled
Auth Failure Vlan : Disabled
Auth Service-Unavailable Vlan : Disabled

MAC IP address Authenticated Type ReAuth-Timer User
88??1d:2a:8b:32 0.0.0.0 No MAC 0
-----------------------------------------------
(B) - Client entry Blackholed in FDB
########################################------------------------------------------------
MAC Mode Global Configuration
------------------------------------------------

MAC Address/Mask Password (encrypted) Port(s)
-------------------- ------------------------------ ------------------------
88:AE:1D:2A:8B:32/48 4

Re-authentication period : 0 (Re-authentication disabled)
Authentication Database : Local-User database
------------------------------------------------

Port: 4, Vlan: vlan_10, State: Enabled, Authentication: mac-based
Guest Vlan : Disabled
Authentication Failure Vlan : Disabled
Authentication Service-Unavailable Vlan : Disabled

MAC IP address Authenticated Type ReAuth-Timer User
88??1d:2a:8b:32 0.0.0.0 No MAC 0
-----------------------------------------------
(B) - Client entry Blackholed in FDB

################################3

still no authentication please guide how can i verify....

(from keshab_maharjan)

EtherNation_Use · ‎01-07-2014

Create Date: Mar 6 2013 5:56PM

Try to force the switch to take the local database for MAC addresses by running the command:

configure netlogin mac authentication database-order local

Let us know if this works. (from ethernet)

EtherNation_Use · ‎01-07-2014

Create Date: Mar 6 2013 6:12AM

Thanks for reply.

i have configured netlogin user like you said.
create netlogin local-user "88AE1D28B32

but when i checked

* X250e-24tdc.16 # sh netlogin port 4
Port : 4
Port Restart : Disabled
Allow Egress : None
Vlan : nlvlan
Authentication : mac-based
Port State : Enabled
Guest Vlan : Disabled
Auth Failure Vlan : Disabled
Auth Service-Unavailable Vlan : Disabled

MAC IP address Authenticated Type ReAuth-Timer User
88??1d:2a:8b:32 0.0.0.0 No MAC 0
-----------------------------------------------
(B) - Client entry Blackholed in FDB

could you please guide me regarding how mac address are authenticated.

Thanks
(from keshab_maharjan)