Extreme Networks ExtremeWare XOS Guide

To Next Page

To Previous Page

Network Login

ExtremeWare XOS 11.3 Concepts Guide

352

Add the following line to the RADIUS server users file for netlogin-only disabled users:

Extreme:Extreme-Netlogin-Only = Disabled

Add the following line to the RADIUS server users file for netlogin-only enabled users:

Extreme:Extreme-Netlogin-Only = Enabled

Table 49 contains the Vendor Specific Attribute (VSA) definitions for web-based, MAC-based, and 802.1x

network login. The Extreme Network Vendor ID is 1916.

Table 50 contains the standard RADIUS attributes used by network login.

Table 49: VSA Definitions for Web-based, MAC-based, and 802.1x network login

VSA

Vendor

Type

Type Sent-in Description

Extreme: Netlogin-

Extended-VLAN

211 String Access-Accept Name or ID of the destination VLAN after

successful authentication (must already exist on

switch).

NOTE: When using this attribute, specify

whether the port should be moved tagged or

untagged to the VLAN. Please see the guidelines

listed on page 353 for more information.

Extreme: Netlogin-

VLAN-Name

203 String Access-Accept Name of destination VLAN after successful

authentication (must already exist on switch).

Extreme: Netlogin-

VLAN-ID

209 Integer Access-Accept ID of destination VLAN after successful

authentication (must already exist on switch).

Extreme: Netlogin-URL 204 String Access-Accept Destination web page after successful

authentication.

Extreme: Netlogin-

URL-Desc

205 String Access-Accept Text description of network login URL attribute.

Extreme: Netlogin-Only 206 Integer Access-Accept Indication of whether the user can authenticate

using other means, such as telnet, console,

SSH, or Vista. A value of “1” (enabled)

indicates that the user can only authenticate via

network login. A value of zero (disabled)

indicates that the user can also authenticate via

other methods.

Table 50: Standard RADIUS attributes used by network login

Attribute

Value

Type Sent-in Description

IETF: Tunnel-Type 64 Integer Access-Accept Specifies the tunneling protocol

that is used.

IETF: Tunnel-Medium-Type 65 Integer Access-Accept Specifies the transport medium

used when creating a tunnel for

protocols (for example, VLANs) that

can operate over multiple

transports.

IETF: Tunnel-Private-Group-ID 81 String Access-Accept Specifies the VLAN ID of the

destination VLAN after successful

authentication; used to derive the

VLAN name.

Main Page

Extreme Networks ExtremeWare XOS Guide - Page 352

Table of Contents

Related product manuals