Enterasys Networks DFE-Gold Series Configuring RFC 3580, show vlanauthorization

Configuring RFC 3580 show vlanauthorization

25-60 Authentication Configuration

Configuring RFC 3580

RFC3580providessuggestionsonhow802.1xAuthenticatorsshouldleverageRADIUSasthe

backendAAAinfrastructure.RFC3580isdividedintoseveralmajorsections:RADIUS

Accounting,RADIUSAuthentication,RC4EAPOL‐Key‐FrameDiscussions,andSecurity

Considerations.Upondetection,End‐Points(PCs,IPPhones,etc.)maybeinterrogatedbythe

AAAclientsforcredentials,whichmaythenbeusedtoauthenticatetheuseranddeterminethe

serviceswhichshouldbeprovided(authorization).DuringtheexchangewiththeAAAserver,the

AAAclientwillpresentinformationdescribingtheEnd‐Pointanditself.TheAAAserverwillthen

describethelevelofservicewhichshouldbeprovided.Thismayincludeauthenticationsuccess,

sessionduration,andclass‐of‐servicetobeprovided.

EnterasysNetworksLayer2switchesutilizetwospecificattributestoimplementtheprovisioning

ofserviceinresponsetoasuccessfulauthentication:

•AproprietaryFilter‐ID,whichdescribesaPolicyProfiletobeappliedtotheuser.(See

“RADIUSFilter‐IDAttributeandDynamicPolicyProfileAssignment”onpage 25‐50.)

•TheVLAN‐Tunnel‐Attribute;whichdefinesthebaseVLAN‐IDtobeappliedtotheuser(or

possiblymappedtoanEnterasysPolicyProfile).

Purpose

ToreviewandconfigureRFC3580support.

Commands

UsethiscommandtodisplaytheVLANAuthorizationsettings.

Syntax

show vlanauthorization [port-list] | [all]

Parameters

Defaults

Ifnoparametersarespecified,allVLANAuthorizationconfigurationinformationwillbe

displayed.

For information about... Refer to page...

show vlanauthorization 25-60

set vlanauthorization 25-61

clear vlanauthorization 25-62

port‐list (Optional)Displaystheport(s)VLANAuthorizationsettings.

all (Optional)Displaysallport(s)VLANAuthorizationsettings.