This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

No Netlogin VLAN option

No Netlogin VLAN option

Terren_Crider
Contributor

‎05-08-2018 06:14 PM

I'm trying to configure netlogin and I don't seem to have the option to set a netlogin vlan. Is this a licensing issue or something else I'm missing?

55e44b24b53a4f61821b3cf6e0b5ae1f_RackMultipart20180508-48004-xw6g63-netloginstuff_inline.png


0 Kudos
18 REPLIES 18

OscarK
Extreme Employee

‎05-09-2018 05:22 AM

Probably because you have enabled policy, then you cannot configure a netlogin vlan as netlogin works different with policy enabled.

0 Kudos

Terren_Crider
Contributor
In response to OscarK

‎05-09-2018 05:22 AM

Thanks. I'll give this a review and try it out.
0 Kudos

Kawawa
Extreme Employee
In response to OscarK

‎05-09-2018 05:22 AM

Hi Terren, I apologize for my earlier response, I read your response as "I do not have policy enabled".

Anyhow, the old Netlogin was VLAN dependent. An unauthenticated port had to be put somewhere while it is not authenticated, thus the need for the Netlogin VLAN. With Policy (not the ACL policy, but the XMC type of policy), the unauthenticated port can belong no where, and will be moved to its respective VLAN when tunnel attributes or the Filter-ID are passed down from RADIUS, or it can directly belong to the VLAN it will belong post authentication. It is this difference in architecture, that makes this specific configuration aspect mutually exclusive. The following outlines what changes when policy is enabled:

https://documentation.extremenetworks.com/exos_22.2/exos_21_1/onepolicy/c_netlogin-authentication.sh...


0 Kudos

Terren_Crider
Contributor
In response to OscarK

‎05-09-2018 05:22 AM

show policy state shows that policy is enabled.

Are policy and Netlogin mutually exclusive? How would I do both? And is the policy in question here the ACL/local policy, or the EMC managed policy, or both?
0 Kudos

Kawawa
Extreme Employee
In response to OscarK

‎05-09-2018 05:22 AM

Hi Terrence, please run the show policy state command to verify the status of policy. The NetLogin VLAN will only be removed from the configuration list IF policy is enabled
# enable policy
Warning: Enabling Policy will cause some Netlogin settings (such as VLANs and dynamically created VLANs) to be cleared.# show policy state
Policy is currently: ENABLED
# configure netlogin vlan
^
%% Invalid input detected at '^' marker.Once policy is disabled, the netlogin VLAN can be configured:
# disable policy
# configure netlogin vlan
NetLogin VLAN for the current Virtual RouterKind regards
0 Kudos
GTM-P2G8KFN