Alcatel-Lucent OmniSwitch 6850-48 - Quick Steps for Configuring User Network Profile Mobile Rules

To Next Page

To Previous Page

Quick Steps for Configuring Access Guardian Configuring Access Guardian

page 34-10 OmniSwitch AOS Release 6 Network Configuration Guide September 2009

-> show aaa user-network-profile

Role Name Vlan HIC Policy List Name

--------------------------------+-----+----+----------------------------

guest-user 500 Yes temp_rules

accounting 20 No acct_rules

See the OmniSwitch CLI Reference Guide for information about the fields in this display.

Quick Steps for Configuring User Network Profile Mobile Rules

The Group Mobility device classification policy determines the VLAN assignment for host devices using

VLAN mobile rules and User Network Profile (UNP) mobile rules. UNP mobile rules determine the

VLAN assignment for the device based on the profile applied to the device. The following quick steps

provide a brief tutorial for configuring UNP mobile rules:

1 To configure a MAC address UNP mobile rule, use the aaa classification-rule mac-address

command.

-> aaa classification-rule mac-address 00:00:2a:33:44:01 user-network-profile

name accounting

2 To configure a UNP mobile rule for a range of MAC addresses, use the aaa classification-rule mac-

address-range command.

-> aaa classification-rule mac-address-range 00:00:2a:33:44:01 00:00:2a:33:44:10

user-network-profile name accounting

3 To configure an IP address UNP mobile rule, use the aaa classification-rule ip-address command.

-> aaa classification-rule ip-address 198.4.21.1 255.255.0.0 user-network-

profile name marketing

4 To configure an Access Guardian Group Mobility device classification policy to authenticate and clas-

sify devices using UNP mobile rules, use the 802.1x supplicant policy authentication, 802.1x non-

supplicant policy authentication, 802.1x captive-portal policy authentication, or 802.1x non-suppli-

cant policy command with the group-mobility parameter. For example:

-> 802.1x 6/1 supplicant policy authentication pass group-mobility default-vlan

fail captive-portal

Note. Verify the UNP mobile rule configuration using the show aaa classification-rule command:

-> show aaa classification-rule mac-rule

MAC Address User Network Profile Name

------------------+--------------------------

00:1a:a0:b1:fa:e5 guest_user

00:b0:d0:2a:0e:2e acct_user

00:b0:d0:2a:11:60 engr_user

-> show aaa classification-rule mac-range-rule

Low MAC Address High MAC Address User Network Profile Name

------------------+-----------------+-------------------------

00:1a:a0:b1:fa:10 00:1a:0a:b1:fa:20 guest_user

00:b0:d0:2a:0e:2e 00:b0:d0:2a:0e:3a acct_user

Main Page

Alcatel-Lucent OmniSwitch 6850-48 - Quick Steps for Configuring User Network Profile Mobile Rules

Table of Contents

Other manuals for Alcatel-Lucent OmniSwitch 6850-48

Related product manuals