Alcatel-Lucent 6850-48 ネットワークガイド
Configuring Authenticated Ports
Configuring Authenticated VLANs
page 36-28
OmniSwitch AOS Release 6 Network Configuration Guide
September 2009
Port Binding and Authenticated VLANs
By default, authenticated VLANs do not support port binding rules. These rules are used for assigning
devices to authenticated VLANs when device traffic coming in on an authenticated port matches criteria
specified in the rule.
devices to authenticated VLANs when device traffic coming in on an authenticated port matches criteria
specified in the rule.
You can globally enable the switch so that port binding rules may be enabled on any authenticated VLAN
on the switch.
on the switch.
The port binding rule types that are allowed on authenticated VLANs are as follows:
• MAC-Port-IP address
• MAC-Port
The MAC-port-protocol, MAC-IP address, port-IP address, and Port-Protocol binding rules are not
supported on authenticated VLANs. In addition to the above binding rule types, however, a MAC range
rule may also be applied to authenticated ports. For more information about port binding and MAC range
rules and how to configure them, see
supported on authenticated VLANs. In addition to the above binding rule types, however, a MAC range
rule may also be applied to authenticated ports. For more information about port binding and MAC range
rules and how to configure them, see
To enable port binding and MAC range rules on authenticated VLANs, use the
command with the enable keyword.
-> avlan port-bound enable
This command allows some port binding rules (MAC-Port-IP address, MAC-Port, Port-IP address, and
MAC-Port-Protocol) and MAC range rules to be used on any authenticated VLAN.
MAC-Port-Protocol) and MAC range rules to be used on any authenticated VLAN.
To disable port binding rules on authenticated VLANs, use the disable keyword with the command:
-> avlan port-bound disable
This command disables port binding rules on all authenticated VLANs.
Configuring Authenticated Ports
At least one mobile port must be configured as the physical port through which authentication clients
connect to the switch.
connect to the switch.
To create a mobile port, use the
-> vlan port mobile 3/1
To enable authentication on the mobile port, use the
command.
-> vlan port 3/1 authenticate enable
For more information about the configuring VLAN ports, see
By default, authentication clients cannot traffic in the default VLAN for the authentication port unless the
command is enabled. See
.