User Network Profile Configuring Authenticated VLANs
page 26-36 OmniSwitch 6800/6850/9000 Network Configuration Guide March 2008
User Network Profile
The User Network Profile feature provides the capability to have users assigned to “user roles” during
authentication. It works only with a RADIUS authentication server. The user role is returned from the
RADIUS server through the Filter-ID attribute. A mapping table is provided to look up the VLAN ID
based on the user role returned from the authentication server. AAA uses the Filter-ID attribute value
returned by the RADIUS server to lookup the corresponding profile name and assigns the user to the asso-
ciated VLAN.
• The role name is a case-sensitive ASCII string.
• If both a VLAN ID and a role name are returned by the RADIUS server, the VLAN associated with the
role name takes precedence.
• Multiple names can be mapped to the same VLAN.
The user network profile table can have a maximum of 4096 entries and contains the following two
elements:
• Name
• VLAN ID
To create the user role in the user network profile table, enter aaa user-network-profile command. For
example:
-> aaa user-network-profile name engineering vlan 100
Note. Optional. Use the show aaa user-network-profile command to display the current user network
profile table. For example:
-> show aaa user-network-profile
Role name: engineering vlan = 10
Role name: accounting vlan = 20
To Next Page
Loading...
