Specifications

ManualsBrandsEnterasys ManualsNetworkingEnterasys SecureStack B2 B2G124-24

561

562

563

564

565

566

567

568

569

570

Configuring VLAN Authorization (RFC 3580)

SecureStack B2 Configuration Guide 19-45

Configuring VLAN Authorization (RFC 3580)

Purpose

RFC3580TunnelAttributesprovideamechanismtocontainan802.1XauthenticatedoraMAC

authenticatedusertoaVLANregardlessofthePVID.Uptothreeuserscanbeconfiguredper

Gigabitport.

Pleaseseesection3‐31ofRFC3580fordetailsonconfiguringaRADIUSservertoreturn

the

desiredtunnelattributes.AsstatedinRFC3580,“...itmaybedesirabletoallowaporttobeplaced

intoaparticularVirtualLAN(VLAN),definedin[IEEE8021Q],basedontheresultofthe

authentication.”

TheRADIUSservertypicallyindicatesthedesiredVLANbyincludingtunnelattributeswithinits



Access‐Acceptparameters.However,theIEEE802.1XorMACauthenticatorcanalsobe

configuredtoinstructtheVLANtobeassignedtothesupplicantbyincludingtunnelattributes

withinAccess‐Requestparameters.

ThefollowingtunnelattributesareusedinVLANauthorizationassignment,:

•Tunnel‐Type‐VLAN(13)

•Tunnel‐Medium‐Type‐802

•Tunnel‐

Private‐Group‐ID‐VLANID

InordertoauthenticatemultipleRFC3580users,policymaptableresponsemustbesettotunnel

asdescribedinthissection.

Commands

show policy maptable response

Displaysthecurrentpolicymaptableresponsesetting.WhenVLANauthorizationisenabled(as

describedinthissection)andthepolicymaptableresponseistunnel,youcanusetheset

Notes: The B2 cannot simultaneously support Policy and RFC 3580 on the same port. If multiple

users are configured to use a port, and the B2 is then switched from "policy" mode to RFC-3580

"tunnel" mode, the total number of users supported to use a port will be reset to one.

A policy license, if applicable, is not required to run RFC3580.

For information about... Refer to page...

show policy maptable response 19-45

set policy maptable response 19-46

set vlanauthorization 19-47

set vlanauthorization egress 19-48

clear vlanauthorization 19-48

show vlanauthorization 19-49