Alcatel-Lucent 6850-48 Guide De Réglage Du Réseau
Configuring Access Guardian
Quick Steps for Configuring Access Guardian
OmniSwitch AOS Release 6 Network Configuration Guide
September 2009
page 34-7
To display the number of non-802.1x users learned on the switch, use the
command:
-> show 802.1x non-supplicant
Slot MAC Authentication Classification Vlan
Port Address Status Policy Learned
-----+-----------------+----------------+--------------+--------
03/3 00:61:22:15:22:33 Failed Vlan ID 1001
03/3 00:61:22:44:75:66 Authenticated
MAC Authent
14
03/11 00:00:39:47:4f:0c Failed Vlan ID 1001
03/11 00:00:39:c9:5a:0c Authenticated Group Mobility 12
03/11 00:b0:d0:52:47:35 Authenticated Group Mobility 12
03/11 00:c0:4f:0e:70:68 Authenticated MAC Authent 14
See the OmniSwitch CLI Reference Guide for information about the fields in this display.
Quick Steps for Configuring User Network Profiles
A User Network Profile (UNP) is a configurable option for Access Guardian device classification poli-
cies. The following quick steps provide a brief tutorial on how to create a UNP and configure a device
classification policy to use the UNP to classify a device:
cies. The following quick steps provide a brief tutorial on how to create a UNP and configure a device
classification policy to use the UNP to classify a device:
-> aaa user-network-profile name guest_user vlan 500
2 To enable the Host Integrity Check option for a UNP, use the
command
with the hic enable parameter.
-> aaa user-network-profile name guest_user vlan 500 hic enable
3 To assign a list of QoS policies to a UNP, use the
command with the
policy-list-name parameter. Note that the policy list specified must already exist in the switch configura-
tion (see
tion (see
).
-> aaa user-network-profile name guest_user vlan 500 policy-list name temp_rules
4 To configure an Access Guardian device classification policy to apply a user profile, use the
command with the user-network-profile param-
eter. For example:
-> 802.1x 1/10 supplicant policy authentication user-network-profile guest_user
Note. Verify the UNP configuration using the
-> show aaa user-network-profile
Role Name
Vlan
HIC
Policy List Name
--------------------------------+-----+----+----------------------------
guest-user
500 Yes
temp_rules
accounting
20
No
acct_rules
To verify the UNP configuration for a device classification policy, use the
command: