Configuring Universal Network Profiles Quick Steps for Configuring UNP
OmniSwitch AOS Release 7 Network Configuration Guide June 2013 page 27-5
3 Use the unp auth-server-down-timeout command to configure how long a device remains in the
authentication server down UNP. The timer is set to 60 seconds by default and is triggered when a device
is learned in the authentication server down UNP.
-> unp auth-server-down-timeout 120
Note. Verify the UNP global parameter configuration using the show unp global configuration
command. For example:
-> show unp global configuration
Dynamic Vlan Configuration : Enabled,
Auth Server Down UNP : temp_unp,
Auth Server Down Timeout (Sec) : 120
See the OmniSwitch CLI Reference Guide for information about the fields in this display.
Quick Steps for Configuring UNP Port Parameters
By default UNP functionality is disabled on all switch ports. The commands described in this section are
used to enable UNP on one or more switch ports and configure authentication and classification parame-
ters that are applied to device traffic received on that port.
1 Use the unp port command to enable UNP functionality on one or more switch ports. Once enabled,
the port becomes eligible for dynamic assignment based on UNP authentication and classification.
-> unp port 1/10-25 enable
2 Use the unp default-vlan-profile command to designate an existing profile as the default UNP for the
port. Devices are assigned to the default profile when UNP authentication and classification is not avail-
able or is unsuccessful.
-> unp port 1/10 default-unp def_unp1
3 Use the unp mac-authentication command to enable MAC authentication on the port.
-> unp port 1/10 mac-authentication enable
4 Use the unp mac-authentication pass-alternate command to designate and existing profile to which a
device is assigned if successful MAC authentication does not return a UNP name.
-> unp port 1/10 pass-alternate-unp alt_unp1
5 Use the unp classification command to enable classification on the port. When enabled, UNP classifi-
cation rules are applied to device traffic received on the port when MAC authentication is not available or
unsuccessful. See “Quick Steps for Configuring UNP Classification Rules” on page 27-6.
-> unp port 1/10 classification enable
6 Use the unp port trust-tag command to specify that UNP should assign the device to an existing
VLAN that matches the VLAN ID tag of the device packets. When enabled, this type of dynamic port
assignment is done when the device is not classified by other UNP classification methods.
-> unp port 1/10 trust-tag enable
Note. Verify the UNP port configuration using the show unp port command. For example:
To Next Page
Loading...
Need help?
General