Configuring RFC 3580 show vlanauthorization
25-60 Authentication Configuration
Configuring RFC 3580
About RFC 3580
RFC3580providessuggestionsonhow802.1xAuthenticatorsshouldleverageRADIUSasthe
backendAAAinfrastructure.RFC3580isdividedintoseveralmajorsections:RADIUS
Accounting,RADIUSAuthentication,RC4EAPOL‐Key‐FrameDiscussions,andSecurity
Considerations.Upondetection,End‐Points(PCs,IPPhones,etc.)maybeinterrogatedbythe
AAAclients
forcredentials,whichmaythenbeusedtoauthenticatetheuseranddeterminethe
serviceswhichshouldbeprovided(authorization).DuringtheexchangewiththeAAAserver,the
AAAclientwillpresentinformationdescribingtheEnd‐Pointanditself.TheAAAserverwillthen
describethelevelofservicewhich
shouldbeprovided.Thismayincludeauthenticationsuccess,
sessionduration,andclass‐of‐servicetobeprovided.
EnterasysNetworksLayer2switchesutilizetwospecificattributestoimplementtheprovisioning
ofserviceinresponsetoasuccessfulauthentication:
•AproprietaryFilter‐ID,whichdescribesaPolicyProfiletobeappliedto
theuser.(See
“RADIUSFilter‐IDAttributeandDynamicPolicyProfileAssignment”onpage 25‐50.)
•TheVLAN‐Tunnel‐Attribute;whichdefinesthebaseVLAN‐IDtobeappliedtothe user(or
possiblymappedtoanEnterasysPolicyProfile).
Purpose
ToreviewandconfigureRFC3580support.
Commands
show vlanauthorization
UsethiscommandtodisplaytheVLANAuthorizationsettings.
Syntax
show vlanauthorization [port-list] | [all]
Parameters
Defaults
Ifnoparametersarespecified,allVLANAuthorizationconfigurationinformationwillbe
displayed.
For information about... Refer to page...
show vlanauthorization 25-60
set vlanauthorization 25-61
clear vlanauthorization 25-62
port‐list (Optional)Displaystheport(s)VLANAuthorizationsetting s.
all (Optional)Displaysallport(s)VLANAuthorizationsettings.
To Next Page
Loading...
Need help?
General