Brocade Communications Systems Brocade ICX 6650 6650 User Manual

How multi-device port authentication works

•

Username (1) – RFC 2865

•

NAS-IP-Address (4) – RFC 2865

•

NAS-Port (5) – RFC 2865

•

Service-Type (6) – RFC 2865

•

FilterId (11) – RFC 2865

•

Framed-MTU (12) – RFC 2865

•

State (24) – RFC 2865

•

Vendor-Specific (26) – RFC 2865 

•

Session-Timeout (27) – RFC 2865

•

Termination-Action (29) – RFC 2865

•

Calling-Station-ID (31) – RFC 2865

•

NAS-Port-Type (61) – RFC 2865

•

Tunnel-Type (64) – RFC 2868 

•

Tunnel-Medium-Type (65) – RFC 2868 

•

EAP Message (79) – RFC 2579 

•

Message-Authenticator (80) RFC 3579 

•

Tunnel-Private-Group-Id (81) – RFC 2868

•

NAS-Port-id (87) – RFC 2869

Support for dynamic VLAN assignment

The Brocade multi-device port authentication feature supports dynamic VLAN assignment, where a 
port can be placed in one or more VLANs based on the MAC address learned on that interface. For 
details about this feature, refer to 

 on page 241.

Support for dynamic ACLs

The multi-device port authentication feature supports the assignment of a MAC address to a 
specific ACL, based on the MAC address learned on the interface. For details about this feature, 
refer to 

Support for authenticating multiple MAC addresses
on an interface

The multi-device port authentication feature allows multiple MAC addresses to be authenticated or 
denied authentication on each interface. The maximum number of MAC addresses that can be 
authenticated on each interface is limited only by the amount of system resources available on the 
Brocade device.

Support for dynamic ARP inspection with dynamic ACLs

Multi-device port authentication and Dynamic ARP Inspection (DAI) are supported in conjunction 
with dynamic ACLs. Support is available in the Layer 3 software images only.