Manualshelf

Specifications

ManualsBrandsEnterasys ManualsComputer equipmentSecureStack A2 A2H124-48P
521522523524525526527528529530
Security Configuration Command Set
Configuring VLAN Authorization (RFC 3580)
SecureStack A2 Configuration Guide 10-59
10.3.5 Configuring VLAN Authorization (RFC 3580)
Purpose
Please see section 3-31 of RFC 3580 for details on configuring a RADIUS server to return the
desired tunnel attributes. From RFC 3580, “... it may be desirable to allow a port to be placed into
a particular Virtual LAN (VLAN), defined in [IEEE8021Q], based on the result of the
authentication.”
The RADIUS server typically indicates the desired VLAN by including tunnel attributes within the
Access-Accept. However, the IEEE 802.1X Authenticator may also provide a hint as to the VLAN
to be assigned to the Supplicant by including Tunnel attributes within the Access-Request.
For use in VLAN assignment, the following tunnel attributes are used:
Tunnel-Type=VLAN (13)
Tunnel-Medium-Type=802
Tunnel-Private-Group-ID=VLANID
Commands
The commands used to configure RADIUS tunnel attributes are listed below and described in the
associated sections as shown.
set vlanauthorization (Section 10.3.5.1)
set vlanauthorization egress (Section 10.3.5.2)
clear vlanauthorization (Section 10.3.5.3)
show vlanauthorization (Section 10.3.5.4)