3Com 3C17300A Implementation Guide - Page 83

Auto VLAN Assignment 83 ■ allowDefaultAccess grants a device access based on the port's configured VLAN and QoS parameters. ■ blockMacAddress blocks (filters) any traffic to or from the device. Rada is similar to DUD (Disconnect Unauthorized Device), only Rada affects a single device where as DUD affects the whole port. Rada can also be used in conjunction with the existing 802.1X Secure Network Login to provide the capability to support a variety of host and network configurations. RADIUS Server settings for Rada When setting up Rada on a RADIUS server the following attributes should be taken into consideration. ■ Users must be set up on the RADIUS Server for each device that is to be authenticated, using the MAC address for username and the same MAC address for the password. ■ The username should be set as the MAC address of the device. This must be of the form of Hex digits separated by hyphens, for example '08-05-54-AB-CD-EF'. Table 7 Setting Rada attributes Attribute Framed-Protocol Service-Type Value PPP Framed Auto VLAN Assignment Auto VLAN assignment complements the basic Network Login and Rada features. It allows an appropriate VLAN configuration to be obtained from a RADIUS server when a user or device authenticates on a port. The configuration obtained will be specific to the user or device authenticated on the port. The RADIUS Server may be configured with VLAN parameters for each user or device. One or more VLANs may be configured for each user, to allow multiple VLANs to be communicated to the device requesting the user authentication. Important This section contains some important considerations when using Network Considerations Login or Rada on the Switch .