I'm looking for documentation on setting up a Fabric Edge deployment while using NAC. If others have come across something useful, please let me know.
I'm about to go through Ludo's document on setting up Fabric to the edge and will make adjustments to suit my needs and hopefully get NAC working at the same time. If anyone else needs that document, his post is here
For reference our environment will be utilizing;
- 4x VSP 7400 for core/distribution (routing is being done here)
- 2x VSP 7400 for storage
- ~90 5420 for edge
- ~360 APs (305, 460 and 510s)
- XIQ, XIQ-SE, 2x NAC and likely Fabric manager and Analytics
Current environment is running over Cisco with 20 extreme switches running EXOS. I have configured NAC to use MAC auth and push VLANs to the current EXOS switches.
This guide should get you started: https://documentation.extremenetworks.com/ExtremeCloudIQ/HowTo/VSP_Edge_Deployment_Guide_XIQ-SE.pdf
You don't have to use Policy by the way. Alternatively you can use "Extreme VOSS - Fabric Attach" as attributes to send, so NAC returns FA-VLAN-ISID=0:%CUSTOM1% in the RADIUS Access-Accept, where %CUSTOM1% should contain the I-SID for that port (untagged in this case because of the "0:").
Enjoy, the combination of XIQ-SE, NAC and Fabric Edge rocks!