Specifications

ManualsBrandsEnterasys ManualsComputer equipmentRoamAbout RBT-8100

391

392

393

394

395

396

397

398

399

400

Assigning Authorization Attributes

RoamAbout Mobility System Software Configuration Guide 17-51

Yes inthetablemeanstheVLANissetontheroamed‐toRoamAboutSwitch,bythemechanism

indicatedbythecolumnheader.NomeanstheVLANisnotset.YesorNomeansthemechanism

doesnotaffecttheoutcome,duetoanothermechanismthatisset.

TheVLANAssigned

Bycolumnindicatesthemechanismthatisusedbytheroamed‐tosw itchto

assigntheVLAN,basedonthevariouswaystheVLANissetonthatswitch.

• LocationPolicymeanstheVLANisassignedbyalocationpolicyontheroamed‐toswitch.(The

VLANisassignedbythe

vlanvlan‐idoptionofthesetlocationpolicypermitcommand.)

• AAAmeanstheVlan‐nameattributeissetonfortheuserortheuser’sgroup,intheroamed‐to

switch’slocaldatabaseoronaRADIUSserverusedbytheroamed‐toswitchtoauthenticate 

theuser.(The

VLANisassignedbythevlan‐namevlan‐idoptionofthesetuserattr,set

usergroupattr,setmac‐user,orsetmac‐usergroupcommand.)

• keep‐initial‐vlanmeansthattheVLANisnotreassigned.Instead,theVLANassignedonthe

switchwheretheuserfirstaccessesthe

networkisretained.(Thekeep‐initial‐vlanoptionis

enabledbythesetservice‐profilenamekeep‐initial‐vlanenablecommand,enteredonthe

roamed‐toswitch.ThenameisthenameoftheserviceprofilefortheSSIDtheuseris

associatedwith.)

• SSIDmeanstheVLANisseton

theroamed‐toswitch,intheserviceprofilefortheSSIDthe

userisassociatedwith.(TheVlan‐nameattributeissetbythesetservice‐profilenameattr

vlan‐namevlan‐idcommand,enteredontheroamed‐toswitch.Thenameisthenameofthe

serviceprofilefor

theSSIDtheuserisassociatedwith.)

•AsshowninTable 17‐6,evenwhenkeep‐initial‐vlanisset,auser’sVLANcanbereassigned

byAAAoralocationpolicy.

Toenablekeep‐initial‐vlan,usethefollowingcommand:

set service-profile name keep-initial-vlan {enable | disable}

Enterthiscommandontheswitchthatwillberoamedtobyusers.

Thefollowingcommandenablesthekeep‐initial‐vlanoptiononserviceprofilesp3:

RBT-8100# set service-profile sp3 keep-initial-vlan enable

success: change accepted.

Note: The keep-initial-vlan option does not apply to Web-Portal clients. Instead, VLAN

assignment for roaming Web-Portal clients automatically works the same way as when

keep-initial-vlan is enabled. The VLAN initially assigned to a Web-Portal user is not

changed except by a location policy, AAA, or SSID default setting on the roamed-to switch.