Extreme Networks

Bernd_Gruetzke · ‎12-09-2018

Environment:
Extreme Management Center 8.1.5.22
Switches D2, B5, S-Serie, X-440, EOX-Stack
Switches configured with RFC3850, "set policy maptable response both and policy"
"RFC3850 vlan authorization enabled" and "Filter ID With VLAN Tunnel Attribute".

Symtoms:
no tagged vlan will distributed to the required port .

For instance D2:

show port egress
Port Vlan Egress Registration
Number Id Status Status
------------------------------------------------------------
ge.1.1 1 untagged static
ge.1.1 123 untagged etsysPolicyProfile
ge.1.7 1 untagged static
ge.1.7 250 untagged etsysPolicyProfile
ge.1.12 123 tagged static
ge.1.12 196 tagged static
ge.1.12 250 tagged static

Bernd_Gruetzke · ‎12-14-2018

Hi Tomasz and Zdenek,

thanks for your tips. I will check all that again. I only have one question left, is the vlan egress a radius attribute or is it provided by the policy mapping?

Best Bernd

Ronald_Dvorak · ‎12-09-2018

Is the role set to VLAN egress tagged ?!

Result:
B5(su)->show port egress ge.1.1
Port Vlan Egress Registration
Number Id Status Status
------------------------------------------------------------
ge.1.1 1 untagged static
ge.1.1 100 tagged etsysPolicyProfile
B5(su)->

Bernd_Gruetzke · ‎12-10-2018

Hello Zdenek,

thanks for your prompt answer. First I set the policy mapping as vlan tagged, only at access control, not at policy.....

Second I create the profile...

And third I create the rule....

At this moment I won´t use any Policy Roles, I will use it later if it is necessary. I this the wrong way or should I use already Policy Roles at this point too?

Best Bernd

Zdeněk_Pala · ‎12-09-2018

I suggest to use policy to define if you want untagged or tagged vlan to be assigned to egress.
set policy profile....

Regards Zdeněk Pala

Extreme Networks

NAC mappings does not distribute tagged vlans

NAC mappings does not distribute tagged vlans