Alcatel-Lucent 6850-48 ネットワークガイド

Configuring Authenticated Ports

Configuring Authenticated VLANs

page 36-28

OmniSwitch AOS Release 6 Network Configuration Guide

By default, authenticated VLANs do not support port binding rules. These rules are used for assigning 
devices to authenticated VLANs when device traffic coming in on an authenticated port matches criteria 
specified in the rule. 

You can globally enable the switch so that port binding rules may be enabled on any authenticated VLAN 
on the switch.

The port binding rule types that are allowed on authenticated VLANs are as follows:

• MAC-Port-IP address

• MAC-Port

The MAC-port-protocol, MAC-IP address, port-IP address, and Port-Protocol binding rules are not 
supported on authenticated VLANs. In addition to the above binding rule types, however, a MAC range 
rule may also be applied to authenticated ports. For more information about port binding and MAC range 
rules and how to configure them, see 

To enable port binding and MAC range rules on authenticated VLANs, use the 

command with the enable keyword.

-> avlan port-bound enable

This command allows some port binding rules (MAC-Port-IP address, MAC-Port, Port-IP address, and 
MAC-Port-Protocol) and MAC range rules to be used on any authenticated VLAN.

To disable port binding rules on authenticated VLANs, use the disable keyword with the command:

-> avlan port-bound disable

This command disables port binding rules on all authenticated VLANs.

At least one mobile port must be configured as the physical port through which authentication clients 
connect to the switch.

To create a mobile port, use the 

-> vlan port mobile 3/1

To enable authentication on the mobile port, use the 

 command.

-> vlan port 3/1 authenticate enable

For more information about the configuring VLAN ports, see 

By default, authentication clients cannot traffic in the default VLAN for the authentication port unless the 

 command is enabled. See 

.