Extreme Networks

M_Nees · ‎09-08-2015

Hi extreme-networks folks,

i want to get some ideas and statements regarding the need of the following feature:

"netlogin on sharing ports"

currently this is not possible (on XOS, EOS support that)!

To attach a server redundant to a switch i use sharing. To authenticate and for documentation issues i use Authentication (netlogin). So from my point of view is very clear to use both feature on the same port. But currently this is not possible.

What do you think about that ?

Matthew_Helm1 · ‎09-16-2015

Correct. I'm just trying to think of a way he could get user information where an AD domain is not present. Were LACP not used (but instead static load-sharing/nic-teaming were used), this might be possible.

dflouret · ‎09-16-2015

If the servers belong to an AD domain, he'll get user/host info. If not, he'll get IP addresses. And he said that IP addresses would do...

423d3e4e19094d9488b047419cfd874e_3307-x6saq3_inline.png

Matthew_Helm1 · ‎09-16-2015

Daniel, I was thinking that myself, but the crux of the problem is that he can't get user ID except through Kerberos snooping as he can't enable 802.1x on an LACP enabled port. If this were a virtualized environment, he could use DCM to capture VM information in NS, but I'm not sure that it is. If IP address is sufficient, this should work.

M_Nees · ‎09-16-2015

Hi Daniel,
we are using authentication not only for security reasons mostly the visibility effect is more important!

Visibility means that through RADIUS Authentication i know immediately (Netsight DB) where which device (server and any other system) is connected. From that point of view it will be very useful that netlogin and sharing will not exclude each other.

But it seems that nor very much other extreme customers using the existing featureset like we do.

M_Nees · ‎09-16-2015

Correct i use LACP! RADIUS is Enterasys NAC Gateway (= Freeradius Core)

Extreme Networks

XOS: netlogin on sharing ports

XOS: netlogin on sharing ports