EasyManuals Logo

OmniSwitch os6900 User Manual

Default Icon
942 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #728 background imageLoading...
Page #728 background image
Configuring UNP Port-Based Access Control Configuring Universal Network Profiles
page 27-28 OmniSwitch AOS Release 7 Network Configuration Guide June 2013
Enable or disable trust VLAN tag. Specifies whether or not the VLAN ID in the device packet is
trusted. When enabled, packets carrying a VLAN ID tag that matches a VLAN configured on the
switch are dynamically assigned to that VLAN. See “Configuring the Trust VLAN Tag Status” on
page 27-31.
Configuring UNP Port-Based Access Control
To provide UNP port-based network access control, MAC authentication must be enabled for the switch
and the switch must know which RADIUS server to use for authenticating devices. In addition, UNP must
be enabled on each port to make the traffic received on that port eligible for UNP device authentication
and classification.
The following sections provide more information about these procedures.
Enabling MAC Authentication
Use the aaa device-classification mac command to enable MAC authentication for the switch and spec-
ify an authentication server (or servers) to be used for authenticating non-supplicants on UNP ports. The
servers specified with this command must already be configured through the aaa radius-server command.
The following example command specifies authentication servers for authenticating non-supplicant
devices on 802.1x ports:
-> aaa device-authentication mac rad1 rad2
For more information about using MAC authentication and classifying non-supplicant devices, see
“Device Authentication and Classification” on page 27-13 and “UNP Configuration Overview” on
page 27-27.
Enabling UNP on Ports
By default, UNP is disabled on all switch ports. To enable UNP on a port, use the unp port command.
-> unp port 3/1 enable
-> unp port 4/1-10 enable
The above unp port commands enable UNP on port 1 of slot 3 and on ports 1-10 on slot 4.
To disable UNP on a port, use the disable option with unp port command.
Note. Disabling UNP on a port clears the UNP configuration for that port.
-> unp port 3/1 disable
-> unp port 4/1-10 disable
Configuring the Port Type
UNP is used to classify device traffic into either the VLAN domain or the Shortest Path Bridging (SPB)
service domain on the switch. The UNP port type determines which domain to which traffic received on
the port is classified. There are two UNP port type options: bridge (VLAN domain) and access (service
domain).

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the OmniSwitch os6900 and is the answer not in the manual?

OmniSwitch os6900 Specifications

General IconGeneral
BrandOmniSwitch
Modelos6900
CategorySwitch
LanguageEnglish