Alcatel-Lucent 6850-48 Guida Di Rete
Configuring Authenticated VLANs
AVLAN Configuration Overview
OmniSwitch AOS Release 6 Network Configuration Guide
September 2009
page 36-5
Sample AVLAN Configuration
1 Enable at least one authenticated VLAN:
-> vlan 2 authentication enable
Note that this command does not create a VLAN; the VLAN must already be created. For information
about creating VLANs, see
about creating VLANs, see
The VLAN must also have an IP router interface if Telnet or Web browser clients will be authenticating
into this VLAN. The following command configures an IP router interface on VLAN 2:
into this VLAN. The following command configures an IP router interface on VLAN 2:
-> ip interface vlan-2 address 10.10.2.20 vlan 2
2 Create and enable at least one mobile authenticated port. The port must be in VLAN 1, the default
VLAN on the switch.
VLAN on the switch.
-> vlan port mobile 3/1
-> vlan port 3/1 authenticate enable
3 Set up a DNS path if users will be authenticating through a Web browser:
-> aaa avlan dns auth.company
4 Set up a path to a DHCP server if users will be getting IP addresses from DHCP. The IP helper address
is the IP address of the DHCP server; the AVLAN default DHCP address is the address of any router port
configured on the VLAN.
is the IP address of the DHCP server; the AVLAN default DHCP address is the address of any router port
configured on the VLAN.
-> ip helper address 10.10.2.5
-> aaa avlan default dhcp 10.10.2.20
-> ip helper avlan only
Note. To check the DNS and DHCP authentication configuration, enter the
command. For example:
-> show aaa avlan config
default DHCP relay address = 192.9.33.222
authentication DNS name
= authent.company.com
For more information about this command, see the OmniSwitch CLI Reference Guide.
5 Configure the switch to communicate with the authentication servers. Use the
command. For example:
-> aaa radius-server rad1 host 10.10.1.2 key wwwtoe timeout 3
-> aaa ldap server ldap2 host 199.1.1.1 dn manager password foo base c=us
for more information about setting up external serv-
ers for authentication.