Specifications

Configuring VLAN Authorization (RFC 3580)

21-42 Security Configuration

Configuring VLAN Authorization (RFC 3580)

Purpose

Pleaseseesection3‐31ofRFC3580fordetailsonconfiguringaRADIUSservertoreturnthe

desiredtunnelattributes.FromRFC3580,“...itmaybedesirabletoallowaporttobeplacedintoa

particularVirtualLAN(VLAN),definedin[IEEE8021Q],based ontheresultofthe



authentication.”

TheRADIUSservertypicallyindicatesthedesiredVLANbyinclud ingtunnelattributeswithin

theAccess‐Accept.However,theIEEE802.1XAuthenticatormayalsoprovideahintastothe

VLANtobeassignedtotheSupplicantbyincludingTunnelattributeswithintheAccess‐Request.

ForuseinVLANassignment,the

followingtunnelattributesareused:

•Tunnel‐Type=VLAN(13)

•Tunnel‐Medium‐Type=802

•Tunnel‐Private‐Group‐ID=VLANID

Commands

ThecommandsusedtoconfigureRADIUStunnelattributesarelistedbelow.

For information about... Refer to page...

set vlanauthorization 21-43

set vlanauthorization egress 21-43

clear vlanauthorization 21-44

show vlanauthorization 21-45