This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Return only VLAN RADIUS VSA to Fabric Auto-Sense Port

Return only VLAN RADIUS VSA to Fabric Auto-Sense Port

Go to solution
Configterminal
Contributor

‎07-15-2024 07:45 AM

Hi - does anyone know if its possible to keep all ports on a Fabric Switch with Auto-Sense configured and return only the VLAN VSA from a RADIUS server?  The VLAN to I-SID association will already be configured on the switch manually.

This is similar to the VSA's returned to an ERS switch running in FA Standalone Proxy Mode as so (no I-SIDS necessary).  It appears like a FLEX-UNI port (which the port becomes after auto-sense detects a client) requires an I-SID association to the VLAN.

FA-VLAN-ISID='48:0'
FA-VLAN-ISID='64:0'
FA-VLAN-ISID='72:0'
FA-VLAN-ISID='76:0'
FA-VLAN-ISID='108:0'
FA-VLAN-PVID='108'

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Configterminal
Contributor
In response to Miguel-Angel_RO

‎07-19-2024 05:25 AM - edited ‎07-19-2024 05:27 AM

Thanks for the Workflow, I will take a look at it.  But I would actually argue that the solution I came to is easier to manage.  You just create a Custom Variable per site called "AutoISIDOffset" and as part of ZTP+ the Fabric Switch can configure itself with the offset.  Then with XIQ-SE all you need to do is send back Extreme-Dynamic-Client-Assignments=create=vlan,pv=10,ev=U,vn=DATA and its a single policy mapping for all sites.  

E.g.: If site one has an Auto-ISID-Offset configured as 1000 and you send back VLAN 10 it will auto configure the ISID to be 1010.

If site two has an Auto-ISID-Offset configured as 2000 and you send back VLAN 10 it will auto configure the ISID to be 2010.

Kind of a neat feature that's not really talked about that I happened to stumble across.

View solution in original post

5 REPLIES 5

Go to solution
chucks1
New Contributor
In response to Configterminal

‎03-25-2025 07:03 PM

I know this is a somewhat old post, but I have been trying to find a way to utilize auto-isid-offset combined with just the VLAN number being pushed from Control and this method appears to work as expected.  This is a much simpler and cleaner way to manage an environment with dozens of VLANs and many sites which all utilize the same VLAN numbers at each site.

 

0 Kudos
GTM-P2G8KFN