Name: Enterasys Matrix DFE-Gold Series
Brand: Enterasys
Rating: 4 (1 reviews)

To Next Page

To Previous Page

RADIUS Filter-ID Attribute and Dynamic Policy Profile Assignment clear cep

25-50 Authentication Configuration

RADIUS Filter-ID Attribute and Dynamic Policy Profile Assignment

IfyouconfigureanauthenticationmethodthatrequirescommunicationwithaRADIUSserver,

youcanusetheRADIUSFilter‐IDattributetodynamicallyassignapolicyprofileand/or

managementleveltoauthenticatingusersand/ordevices.

TheRADIUSFilter‐IDattributeissimplyastringthatisformattedintheRADIUSAccess‐

Accept

packetsentbackfromtheRADIUSservertotheswitchduringtheauthenticationprocess.

EachusercanbeconfiguredintheRADIUSserverdatabasewithaRADIUSFilter‐IDattribute

thatspecifiesthenameofthepolicyprofileand/ormanagementleveltheusershouldbeassigned

uponsuccessfulauthentication.During

theauthenticationprocess,whentheRADIUSserver

returnsaRADIUSAccess‐AcceptmessagethatincludesaFilter‐IDmatchingapolicyprofilename

configuredontheswitch,theswitchthendynamicallyappliesthepolicyprofiletothephysical

porttheuser/deviceisauthenticatingon.

Filter-ID Attribute Formats

EnterasysNetworkssupportstwoFilter‐IDformats—“decorated”and“undecorated.”The

decoratedformathasthreeforms:

•Tospecifythepolicyprofiletoassigntotheauthenticatinguser(networkaccess 

authentication):

Enterasys:version=1:policy=string

wherestringspecifiesthepolicyprofilename.Policyprofilenamesarecase‐sensitive.

•Tospecifyamanagementlevel(managementaccess

authentication):

Enterasys:version=1:mgmt=level

wherelevelindicatesthemanagementlevel,eitherro,rw,orsu.

•Tospecifybothmanagementlevelandpolicyprofile:

Enterasys:version=1:mgmt=level:policy=string

Theundecoratedformatissimplyastringthatspecifiesapolicyprofilename.Theundecorated

formatcannotbeusedformanagementaccessauthentication.

DecoratedFilter‐IDsareprocessed

first.IfnodecoratedFilter‐IDsarefound,thenundecorated

Filter‐IDsareprocessed.IfmultipleFilter‐IDsarefoundthatcontainconflictingvalues,aSyslog

messageisgenerated.

Setting the Authentication Login Method

Purpose

Toconfiguretheauthenticationloginmethod.

Commands

Thecommandsusedtoconfiguretheauthenticationloginmethodarelistedbelowanddescribed

intheassociatedsectionasshown:

Brand	Enterasys
Model	Matrix DFE-Gold Series
Category	Switch
Language	English

Enterasys Matrix DFE-Gold Series User Manual

Table of Contents

Questions and Answers:

Enterasys Matrix DFE-Gold Series Specifications

Related product manuals