This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Netlogin with AP on G1's, before AP Aware?

Netlogin with AP on G1's, before AP Aware?

Anonymous
Not applicable

‎12-30-2021 05:13 PM

Hi,

Before the onset of G2 switches with policy and the ability to utilise AP Aware, I remember seeing an article that configured netlogin to simulate it?

In essence it replicates what AP Aware does on the switch and allows authentication to be performed on just the AP and not all end-systems coming through it.

Have tried to track down the information but been struggling.

Hoping someone might remember and point me in the right direction.

Many thanks in advance.
0 Kudos
5 REPLIES 5

DAVIDM
New Contributor

‎01-26-2022 12:58 PM

Hi Martin,

Did you succeed to do "AP Aware" without policy profile on EXOS ?

I'm trying to do the same thing but I don't know how to do this without Policy Profile.
As Policy Profile disable some netlogin features (Radius enforcement Vlan) and is limited to 64 profiles, I'm not sure this is the right way to handle AP auth and Wireless end-systems Auth.

Thanks !
0 Kudos

Anonymous
Not applicable
In response to DAVIDM

‎01-26-2022 01:21 PM

Hi David,

Apologies, not found the solution yet.

Pretty sure there was a GTAC article on it, even somewhere in my notes, but extensive searching has not turned anything up yet.

If I find out will post straight away.

Thanks,

Martin
0 Kudos

DAVIDM
New Contributor
In response to Anonymous

‎01-27-2022 03:44 AM

Thank you for your quick reply.

So AP cannot be connected to a netlogin port, as auth-override is not possible without policy profile ?

0 Kudos

Anonymous
Not applicable
In response to DAVIDM

‎01-27-2022 04:53 AM

Hi David,

It can, the issue is without AP Aware (Auth-Override) and you have a bridge@AP topology, any authentication taking place on the AP will also get authenticated again on the switch port.

Had another good look around, but not got much further.

Not sure if the answer is within this command:

configure netlogin ports [all | port_list] [allowed-users allowed_users | authentication mode [optional | required] | trap [all-traps | no-traps |[{success} {failed} {terminated} {max-reached}]]]

Where possibly you can set the allowed-users to 1? Not sure if that will be the AP itself, which is all you really want.

Maybe worth a go, and look at the netlogin sessions to see if it is as expected?
0 Kudos
GTM-P2G8KFN