Netgear GSM7328SNA 7000 Series Managed Switch Administration Guide for Softwar - Page 249
CLI: Assign VLANS Using RADIUS, VLAN assignment using RADIUS
UPC - 606449042979
View all Netgear GSM7328SNA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 249 highlights
ProSafe 7000 Managed Switch Release 8.0.3 • After a port is in an authorized state, if any client initiates dot1x authentication, the port clears authenticated clients' states, and in the process clears the VLAN assigned to the port (if any). Then the port continues with the new client authentication and authorization process. • When a client authenticates itself initially on the network, the switch acts as the authenticator to the clients on the network and forwards the authentication request to the RADIUS server in the network. For use in VLAN assignment, the following tunnel attributes are used: • Tunnel-Type = VLAN (13) • Tunnel-Medium-Type = 802 • Tunnel-Private-Group-ID = VLANID where VLANID is 12 bits, with a value between 1 and 4094. 192.168.0.1 RADIUS server 1/0/6 Host 1/0/12 1/0/5 192.168.0.5 Switch 1/0/5 vlan2000 192.168.0.3 Host Figure 28. VLAN assignment using RADIUS In the previous figure, the switch has placed the host in the VLAN (vlan2000) based on the user details of the clients. The configureation on a RADIUS server for a user logged in as admin is: • Tunnel-Type = VLAN (13) • Tunnel-Medium-Type = 802 • Tunnel-Private-Group-ID = 2000 CLI: Assign VLANS Using RADIUS 1. Create VLAN 2000. (Netgear Switch) #network protocol none Changing protocol mode will reset ip configuration. Are you sure you want to continue? (y/n) y (Netgear Switch) #network parms 192.168.0.5 255.255.255.0 (Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 2000 (Netgear Switch) #exit Chapter 14. Security Management | 249