User guide

ManualsBrandsAlcatel ManualsComputer equipmentOS6602-48

401

402

403

404

405

406

407

408

409

410

AVLAN Configuration Overview Configuring Authenticated VLANs

page 20-4 OmniSwitch 6600 Family Network Configuration Guide April 2005

AVLAN Configuration Overview

Configuring authenticated VLANs requires several major steps. The steps are outlined here and described

throughout this chapter. See “Sample AVLAN Configuration” on page 20-5 for a quick overview of

implementing the commands used in these procedures.

1 Set up authentication clients. See “Setting Up Authentication Clients” on page 20-7.

2 Configure at least one authenticated VLAN. A router port must be set up in at least one authenti-

cated VLAN for the DHCP relay. See “Configuring Authenticated VLANs” on page 20-26.

3 Configure at least one authenticated mobile port. Required for connecting the clients to the switch.

See “Configuring Authenticated Ports” on page 20-28.

4 Set up the DHCP server. Required if you are using Telnet or Web browser clients. Required for any

clients that need to get IP addresses after authentication. See “Setting Up the DHCP Server” on

page 20-29.

5 Configure the authentication server authority mode. See “Configuring the Server Authority Mode”

on page 20-32.

6 Specify accounting servers for authentication sessions. Optional; accounting may also be done

through the switch logging feature in the switch. See “Specifying Accounting Servers” on page 20-35.

The following is a summary of commands used in these procedures.

Commands Used for ...

vlan authentication Enabling authentication on VLAN(s)

vlan router ip Setting up a router port on the authenticated

VLAN.

vlan port mobile

vlan port authenticate

Creating authenticated port(s)

aaa avlan dns Configuring a DNS name; required for Web

browser clients

ip helper address

aaa avlan default dhcp

ip helper avlan only

Configuring the DHCP server; required for for

Telnet and Web browser clients.

aaa vlan no Removing a user from an authenticated VLAN

aaa ldap-server

aaa radius-server

Setting up switch communication with authenti-

cation servers

aaa authentication vlan single-mode

aaa authentication vlan multiple-mode

Enabling authentication and setting the authority

mode for servers

aaa accounting vlan Specifying accounting for AVLAN sessions.