This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

XOS: netlogin on sharing ports

XOS: netlogin on sharing ports

M_Nees
Contributor III

‎09-08-2015 05:19 PM

Hi extreme-networks folks,

i want to get some ideas and statements regarding the need of the following feature:

"netlogin on sharing ports"

currently this is not possible (on XOS, EOS support that)!

To attach a server redundant to a switch i use sharing. To authenticate and for documentation issues i use Authentication (netlogin). So from my point of view is very clear to use both feature on the same port. But currently this is not possible.

What do you think about that ?

0 Kudos
14 REPLIES 14

Matthew_Helm1
Extreme Employee
In response to dflouret

‎09-16-2015 01:30 PM

Correct. I'm just trying to think of a way he could get user information where an AD domain is not present. Were LACP not used (but instead static load-sharing/nic-teaming were used), this might be possible.
0 Kudos

dflouret
Extreme Employee
In response to dflouret

‎09-16-2015 01:30 PM

If the servers belong to an AD domain, he'll get user/host info. If not, he'll get IP addresses. And he said that IP addresses would do...

423d3e4e19094d9488b047419cfd874e_3307-x6saq3_inline.png



0 Kudos

Matthew_Helm1
Extreme Employee
In response to dflouret

‎09-16-2015 01:30 PM

Daniel, I was thinking that myself, but the crux of the problem is that he can't get user ID except through Kerberos snooping as he can't enable 802.1x on an LACP enabled port. If this were a virtualized environment, he could use DCM to capture VM information in NS, but I'm not sure that it is. If IP address is sufficient, this should work.
0 Kudos

M_Nees
Contributor III

‎09-16-2015 12:57 PM

Hi Daniel,
we are using authentication not only for security reasons mostly the visibility effect is more important!

Visibility means that through RADIUS Authentication i know immediately (Netsight DB) where which device (server and any other system) is connected. From that point of view it will be very useful that netlogin and sharing will not exclude each other.

But it seems that nor very much other extreme customers using the existing featureset like we do.

0 Kudos

M_Nees
Contributor III
In response to M_Nees

‎09-16-2015 12:57 PM

Correct i use LACP! RADIUS is Enterasys NAC Gateway (= Freeradius Core)
0 Kudos
GTM-P2G8KFN