This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

XOS: netlogin on sharing ports

XOS: netlogin on sharing ports

M_Nees
Contributor III

‎09-08-2015 05:19 PM

Hi extreme-networks folks,

i want to get some ideas and statements regarding the need of the following feature:

"netlogin on sharing ports"

currently this is not possible (on XOS, EOS support that)!

To attach a server redundant to a switch i use sharing. To authenticate and for documentation issues i use Authentication (netlogin). So from my point of view is very clear to use both feature on the same port. But currently this is not possible.

What do you think about that ?

0 Kudos
14 REPLIES 14

Matthew_Helm1
Extreme Employee
In response to M_Nees

‎09-16-2015 12:57 PM

Do you use LACP for the forming of sharing groups? What is the RADIUS server? Is it FreeRadius?
0 Kudos

M_Nees
Contributor III
In response to M_Nees

‎09-16-2015 12:57 PM

To achieve simple visibility i need ip addresses or better usernames - a mac does not tell me easily which user or system is connected.
0 Kudos

Matthew_Helm1
Extreme Employee
In response to M_Nees

‎09-16-2015 12:57 PM

Is the visibility information you need simply MAC address, and possibly IP address?
0 Kudos

dflouret
Extreme Employee

‎09-16-2015 10:18 AM

Matthias,

Network login is a security feature thought to secure access to the network from ports accessible to normal employees and visitors, to make sure nobody can gain access to the network by simply plugging a device in an empty port.

Servers, on the other hand, tend to be grouped in protected environments (datacenters) with ports not available to visitors or normal employees. Datacenters have their own security measures that don't include networks login.

I imagine that network login would be disruptive in the current virtualized datacenter, where VMs can be moved from one physical server/network port to another without the VM knowing it is being moved. Because of this, the datacenter network has to include tools (e.g. Data Center Manager) to make sure that the destination port has the same configuration as the original port. If the VM is unaware of it being moved to a new port, how would it re-negotiate access through Network Login?

I don't know how easy/difficult it is to enable this, but you can always work with GTAC and your local SE to make a feature request.

0 Kudos

M_Nees
Contributor III

‎09-16-2015 07:54 AM

No other opinion? Nobody who agree with me that this is useful ?
0 Kudos
GTM-P2G8KFN