This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Netlogin mac-based VLANs with Local Database and Wildcard?

Netlogin mac-based VLANs with Local Database and Wildcard?

EtherNation_Use
Contributor II

‎01-07-2014 09:53 PM

Create Date: Jun 11 2012 7:40AM

Hi,

i have a conferencing room with 8 ports there on a BlackDiamond 8806. I want only this 8 ports to add netlogin mac-based vlan because my collegs MAC address (13 notebooks) should get the intern vlan to access all servers and files. And all other MAC's (Guests) should get access to my Guest VLAN. So is there a wildcard for the local database to add all unknown MAC addresses to my configured Guest VLAN named "GaesteNetwork".

Ive tried to use my GuestVLAN as Netlogin VLAN but this doesnt work and i dont found a wildcard for "all other MAC addresses"

Greetz Chris and thanks for help.

(from Chris_Huettner)
0 Kudos
5 REPLIES 5

EtherNation_Use
Contributor II

‎01-07-2014 09:53 PM

Create Date: Jun 12 2012 1:49PM

The netlogin default mac-list (eg. ff:ff:ff:ff:ff:ff:ff 48) is used to send the mac address found on the netlogin enabled port to the local and/or radius database. This means all mac addresses found on the interface must be sent to authentication.

The default mac-list password is the mac address in all caps.

To move your local-user into the ClientData VLAN, then create a new netlogin local-user entry with the mac address and username and password.



(from john_padilla)
0 Kudos

EtherNation_Use
Contributor II

‎01-07-2014 09:53 PM

Create Date: Jun 12 2012 6:09AM

Hi jp,

i dont know why, but now my collegs notebooks geht the failover vlan "GästeNetwork" too. No switchting to the internal VLAN. My local database seems to be good.

i dont understand the command:

conf netlogin add mac-list ff:ff:ff:ff:ff:ff:ff 48

* Extreme Networks BlackDiamond.1 # configure netlogin add mac-list ff:ff:ff:ff:ff:ff 48
WARNING: Existing entry in the table was replaced with the new password/port-list.

whats now the password for my mac-list "default" ? or should i do an extra command for:

configure add mac-list default mypassword?

and then add my collegs MAC's with

create netlogin local-user 000000000000 vlan-vsa untagged ClientData ?



EDIT:

thanks jp, i reconfigured the local database a third time and now it works. ? dont know why 😉

(from Chris_Hüttner)
0 Kudos

EtherNation_Use
Contributor II

‎01-07-2014 09:53 PM

Create Date: Jun 11 2012 3:20PM

Yes, any device that should be moved to a different VLAN other than the GUEST will have a local database entry.

(from john_padilla)
0 Kudos

EtherNation_Use
Contributor II

‎01-07-2014 09:53 PM

Create Date: Jun 11 2012 2:52PM

Hi jp,

thanks for your answer, i will give it a try ..



edit:

hi jp,

now all notebooks get the failover VLAN GästeNetwork. My 13 notebooks who should get the internal VLAN , too?

* Extreme Networks BlackDiamond.1 # sh netlogin local
Netlogin Local User Name Extended-VLAN VSA Security Profile
------------------------ ----------------------------- ----------------------
001f29b763f4 U ClientData
0022645714c4 U ClientData
00248147e97a U ClientData
0024816946b8 U ClientData
0080c83c45fb U ClientData
2c413815b772 U ClientData
64315090e9e6 U ClientData
705ab6ac1855 U ClientData
* Extreme Networks BlackDiamond.2 #



but this should be correct? my local database?



(from Chris_Hüttner)
0 Kudos
GTM-P2G8KFN