XOS: netlogin on sharing ports
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎09-08-2015 05:19 PM
Hi extreme-networks folks,
i want to get some ideas and statements regarding the need of the following feature:
"netlogin on sharing ports"
currently this is not possible (on XOS, EOS support that)!
To attach a server redundant to a switch i use sharing. To authenticate and for documentation issues i use Authentication (netlogin). So from my point of view is very clear to use both feature on the same port. But currently this is not possible.
What do you think about that ?
i want to get some ideas and statements regarding the need of the following feature:
"netlogin on sharing ports"
currently this is not possible (on XOS, EOS support that)!
To attach a server redundant to a switch i use sharing. To authenticate and for documentation issues i use Authentication (netlogin). So from my point of view is very clear to use both feature on the same port. But currently this is not possible.
What do you think about that ?
14 REPLIES 14
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-05-2018 07:05 AM
Just a second short update!
It is very important that sharing is enabled first! And after that netlogin as a second step (on the sharing master Port only!)
My customer uses Default Policies on every port - so this have to be removed also and than bind after sharing is done to the master port only.
If you wrap the sequence you get these errors: * 10.1.1.206.32 # enable sharing 1 grouping 1-2 algorithm address-based L3_L4 lacp
Error: Load sharing cannnot be enabled on ports (1) configured for Network LogIn
* 10.1.1.206.33 # If there is a Policy bind to the ports: 10.1.1.206.19 # enable sharing 1 grouping 1-2 algorithm address-based L3_L4 lacp
Error: Load sharing cannnot be enabled on ports (1) configured for Policy Convergence Endpoint (convergence-endpoint) or Admin Profile (admin-profile) rules
10.1.1.206.20 # Regards
It is very important that sharing is enabled first! And after that netlogin as a second step (on the sharing master Port only!)
My customer uses Default Policies on every port - so this have to be removed also and than bind after sharing is done to the master port only.
If you wrap the sequence you get these errors: * 10.1.1.206.32 # enable sharing 1 grouping 1-2 algorithm address-based L3_L4 lacp
Error: Load sharing cannnot be enabled on ports (1) configured for Network LogIn
* 10.1.1.206.33 # If there is a Policy bind to the ports: 10.1.1.206.19 # enable sharing 1 grouping 1-2 algorithm address-based L3_L4 lacp
Error: Load sharing cannnot be enabled on ports (1) configured for Policy Convergence Endpoint (convergence-endpoint) or Admin Profile (admin-profile) rules
10.1.1.206.20 # Regards
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎12-19-2017 12:32 PM
Just a short update.
Starting with EXOS 22.2 netlogin on sharing ports are possible:
https://gtacknowledge.extremenetworks.com/articles/Q_A/Is-Netlogin-supported-on-lag-ports
Starting with EXOS 22.4 netlogin on m-LAG ports are possible.
Starting with EXOS 22.2 netlogin on sharing ports are possible:
https://gtacknowledge.extremenetworks.com/articles/Q_A/Is-Netlogin-supported-on-lag-ports
Starting with EXOS 22.4 netlogin on m-LAG ports are possible.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎09-18-2015 11:53 AM
Hello !
In case of future requirements for automation and SDN this funktion will be essential for all this activities. Using NAC/NMS für authentication of servers you can trigger there a lot of actions helping to get a platform for automation on the complete IT infrastructure like the SDN vision.
There will be no difference between access and datacenter ports. It´s important to have the possibility to use all ports in the same way: authenticate, authorise and trigger actions based on the information from IT infrastructure (NMS, NAC, PV, 3rd-party, ...).
br
Volker
In case of future requirements for automation and SDN this funktion will be essential for all this activities. Using NAC/NMS für authentication of servers you can trigger there a lot of actions helping to get a platform for automation on the complete IT infrastructure like the SDN vision.
There will be no difference between access and datacenter ports. It´s important to have the possibility to use all ports in the same way: authenticate, authorise and trigger actions based on the information from IT infrastructure (NMS, NAC, PV, 3rd-party, ...).
br
Volker
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎09-16-2015 01:30 PM
What about Identity Management? It can detect identities through:
- FDB
- IPARP
- IPSecurity DHCP Snooping
- LLDP
- Netlogin
- Kerberos
This information can then be sent to NetSight to populate the user/host field in Identity and Access entries.
There's a script in NetSight to do this:
#######################################################################################
## The following configuration can be pushed from NetSight OneView Device IDM Script ##
#######################################################################################
enable identity-management
configure identity-management add ports
create xml-notification target netsight-target_ url https://
IP>:8443/axis/services/event vr VR-Mgmt
configure xml-notification target netsight-target_ user root
enable xml-notification netsight-target_
configure xml-notification target netsight-target_ add idMgr
#######################################################################################
- FDB
- IPARP
- IPSecurity DHCP Snooping
- LLDP
- Netlogin
- Kerberos
This information can then be sent to NetSight to populate the user/host field in Identity and Access entries.
There's a script in NetSight to do this:
#######################################################################################
## The following configuration can be pushed from NetSight OneView Device IDM Script ##
#######################################################################################
enable identity-management
configure identity-management add ports
create xml-notification target netsight-target_
IP>:8443/axis/services/event vr VR-Mgmt
configure xml-notification target netsight-target_
enable xml-notification netsight-target_
configure xml-notification target netsight-target_
#######################################################################################
