Dell PowerConnect W Clearpass 100 Software Extreme XOS Integration Guide
Dell PowerConnect W Clearpass 100 Software Manual
 |
View all Dell PowerConnect W Clearpass 100 Software manuals
Add to My Manuals
Save this manual to your list of manuals |
Dell PowerConnect W Clearpass 100 Software manual content summary:
- Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 1
amigopod Integration Guides - Extreme XOS Dated Tested: AmigoPod Version: Plugins Required: Extreme Hardware Extreme S/W Version: Integration: 13 June 2007 EngineÆ0.99.35, Radius ServicesÆ 0.6.10 Standard build only X450 (other XOS platforms should be supported) EXOS 12.x HTTP Captive Portal - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 2
amigopod Integration Guides - Extreme XOS Step 1: Starting with the X450 in a default configuration state, create three VLANs to represent the following roles in the network design: 1. VLAN to - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 3
extremenetworks.com" configure netlogin banner "" Step 5: Configure DHCP Service for the unsecured VLAN to allow visitor laptops to automatically authentication and accounting ports are 1812 and 1813 respectively. The following XOS commands configure the required AAA components to support Web Login - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 4
amigopod Integration Guides - Extreme XOS Step 7: Now that a fixed IP Address has been defined for the Extreme X450 switch, this needs to be defined within the amigopod configuration. Typically, the amigopod software is installed on an appliance or server with a fixed IP Address and potentially a - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 5
amigopod Integration Guides - Extreme XOS Step 8 Once successfully logged into the AmigoPod administration interface, you will be presented with the AmigoPod Home Page where the RADIUS Services section can be accessed. Click on RADIUS Services on the screen shown below: copyright © 2007 amigopod pty - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 6
amigopod Integration Guides - Extreme XOS Step 9 From the Radius Services menu, select Network Access Servers: copyright © 2007 amigopod pty ltd. - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 7
amigopod Integration Guides - Extreme XOS Step 10 Being a new install, there are currently no NAS entries defined. Click on the Create icon at the top of the page shown below: copyright © 2007 amigopod pty ltd. - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 8
amigopod Integration Guides - Extreme XOS Step 11 Fill out the details of the Create NAS form based on the IP Addressing details defined for the Extreme Switch on - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 9
amigopod Integration Guides - Extreme XOS Step 12 Once the NAS has been created, of the screen and the button below should be clicked to initiate a restart of the RADIUS services. Once the RADIUS services have restarted the next step is to create the RADIUS Vendor Specific Attributes (VSA) required - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 10
amigopod Integration Guides - Extreme XOS Step 13 Being a new install, there are currently no Extreme Specific User Roles defined. A User Role is in this style of configuration. For more information on these attributes please refer to the Extreme XOS Concepts Guide: copyright © 2007 amigopod pty ltd. - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 11
amigopod Integration Guides - Extreme XOS Click on the Create a new role - this role will include the Extreme Vendor Specific Attributes: copyright © 2007 amigopod pty ltd. - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 12
amigopod Integration Guides - Extreme XOS Step 14: Name the Role for example as Extreme-Guest and give it a brief description and then save the changes. copyright © 2007 amigopod pty ltd. - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 13
amigopod Integration Guides - Extreme XOS Step 15: Once the User Role has been created and saved, start adding the Extreme VSA attributes using the Add Attribute button shown below. For example, this is adding the Extreme Netlogin Vlan VSA 203 copyright © 2007 amigopod pty ltd. - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 14
amigopod Integration Guides - Extreme XOS Step 16: This example is adding the Extreme Netlogin Only VSA 206. copyright © 2007 amigopod pty ltd. - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 15
amigopod Integration Guides - Extreme XOS Step 17: This example is adding the Extreme URL Redirect VSA 204. copyright © 2007 amigopod pty ltd. - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 16
amigopod Integration Guides - Extreme XOS Step 18: Once these basic VSAs have been added, save the changes and the screen will be returned to the User Roles page where the new role can be viewed: Now the solution is ready to test - connect a test laptop to any of the port 9 - 16 on the unsecured - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 17
amigopod Integration Guides - Extreme XOS Step 19: Now that the test laptop is successfully connected to the unsecured VLAN, the only step remaining is to login as a guest user. To do this a test user must exist in the amigopod database. Returning back to the amigopod Web interface, select Guest - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 18
Integration Guides - Extreme XOS Step 18: Selecting the Create New Guest Account option will present the following form that can be completed with the details of your test user. Fill out details of the test user including how long the user should have access to the internet from the Account Expiry - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 19
amigopod Integration Guides - Extreme XOS Step 19: After clicking on the Create Account button, the new user account will be more information on creating and defining Print Receipt Templates please see the amigopod User Guide). Note: Guest Username This will be required at a later step. Note: - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 20
amigopod Integration Guides - Extreme XOS Step 20: Returning back to the test laptop now, open up a web browser such as Internet Explorer or Firefox and assuming a Home Page is configured the browser will automatically attempt to connect - Dell PowerConnect W Clearpass 100 Software | Extreme XOS Integration Guide - Page 21
Guides still left on the Test User's account as shown below: If you have experienced any issues setting up this integration with amigopod please step back through the document and verify the configuration. If the problem has not been resolved, please contact amigopod on support
-
1 -
2 -
3 -
4 -
5 -
6 -
7 -
8
-
9
-
10
-
11
-
12
-
13
-
14
-
15
-
16
-
17
-
18
-
19
-
20
-
21
 |
 |
amigopod Integration Guides – Extreme XOS
copyright © 2007
amigopod pty ltd.
Dated Tested:
13 June 2007
AmigoPod Version:
Engine
0.99.35, Radius Services
0.6.10
Plugins Required:
Standard build only
Extreme Hardware
X450 (other XOS platforms should be supported)
Extreme S/W Version:
EXOS 12.x
Integration:
HTTP Captive Portal
Overview:
The Extreme range of Ethernet switches are based on a common operating system known as
ExtremeXOS. ExtremeXOS is a highly resilient, modular operating system that provides continuous
uptime, manageability and operational efficiency, including many advanced port security and NAC
features. The switch used for the integration testing was a Summit X450. The highly flexible Summit
X450e switch provides high-density gigabit plus optional 10 Gigabit Ethernet ports in a compact 1RU
format, supporting a wide range of Layer 2 to Layer 4 functionalities on every port.
Integration:
The key feature of the ExtremeXOS used to integrate with amigopod is its ability to support what
Extreme call their Network Login feature set. Network login controls the admission of user packets into a
network by allowing MAC addresses from users that are properly authenticated. Network login is
controlled on a per port basis. When network login is enabled on a port, that port does not forward any
packets until authentication takes place.
Network login is capable of three types of authentication: web-based, MAC-based, and 802.1x. In
addition, network login has two different modes of operation: Campus mode and ISP mode. The
authentication types and modes of operation can be used in any combination.
When web-based network login is enabled on a switch port, that port is placed into a non-forwarding
state until authentication takes place. To authenticate, a user must open a web browser and provide the
appropriate credentials. These credentials are either approved, in which case the port is placed in
forwarding mode, or not approved, in which case the port remains blocked. You can initiate user logout
by submitting a logout request or closing the logout window.
Currently EXOS only supports the use of the internally hosted authentication page although from version
12.x onwards the look and feel of this page can be heavily customized. Nonetheless, currently this
restriction prevents the use of the amigopod Web Logins feature that allows fully customizable external
authentication pages.