Configuring Access Guardian Configuring Port-Based Network Access Control
OmniSwitch AOS Release 8 Network Configuration Guide December 2017 page 28-41
802.1x Bypass = Disabled,
802.1x failure-policy = default,
Mac-auth allow-eap = -,
Mac authentication = Enabled,
Mac Pass Alternate Profile = -,
Classification = Enabled,
Trust-tag = Enabled,
Default Profile = -,
Port Domain Num = 0,
AAA Profile = -,
Port Template = bridgeDefaultPortTemplate,
Port Control Direction = Both,
Egress Flooding = Not Allowed,
Admin State = Enabled,
Dynamic Service = -,
PVLAN Port Type = -,
802.1x Parameters:
Tx-Period = 30,
Supp-Timeout = 30,
Max-req = 2
For more information about the commands described in this section, see the “Access Guardian
Commands” chapter in the OmniSwitch AOS Release 8 CLI Reference Guide.
Using UNP Port Templates
A UNP port template is a configuration entity that provides flexible assignment of a pre-defined UNP port
configuration to specific ports. Using a port template to configure UNP functionality on a port or link
aggregate avoids having to configure each parameter with a separate CLI command. Applying a port
template also provides an easy way to replicate a specific configuration on multiple UNP ports.
A UNP port template is used to define and apply the UNP port configuration settings that are described in
“Configuring UNP Port Parameters” on page 28-38.
Default Port Templates
There are two default UNP port templates: “bridgeDefaultPortTemplate” (applied to UNP bridge ports)
and “accessDefaultPortTemplate” (applied to UNP access ports). These templates define a default set of
port parameter values that are applied at the time a port or link aggregate is configured as a UNP bridge or
access port. The default templates cannot be deleted, but the template parameter values are configurable.
Configuring Port Templates
Configuring a custom UNP port template is supported. This is particularly useful when different parameter
values are required for one or more UNP ports. To create a custom port template, use the unp port-
template command. For example, the following commands create two custom port templates
(“portTemplate-1” and “portTemplate-2”) and configure parameter values for each template:
-> unp port-template portTemplate-1
-> unp port-template portTemplate-1 mac-authentication
-> unp port-template portTemplate-1 mac-authentication pass-alternate AltUNP
-> unp port-template portTemplate-1 classification
Note. When a custom port template is assigned to a UNP port, the parameter values defined in the template
will override any existing UNP port configuration. In addition, any attempt to explicitly configure a UNP
port parameter for a port that is associated with a custom template is not allowed.
To Next Page
Loading...
