beautypg.com

HP Identity Driven Manager Software Series User Manual

Page 93

background image

3-25

Using Identity Driven Manager

Configuring Access Profiles

3.

Define the attributes for the Access Profile:

N O T E :

If you are assigning any VLAN other than the default VLAN, ensure that the
VLAN is configured correctly on the all switches to which this access profile
will be applied before defining the access profile.

The VLAN that gets set for a user will override the statically configured VLAN,
as well as the

auth-vid

which may have been configured for that port. Note also

that if an

unauth-vid

is set and the user is rejected by IDM for any reason, the

port is opened and the VLAN is set to the

unauth-vid.

Name

Name used to identify the Access Profile

Description

Brief description of the Access Profile

Untagged VLAN or
Tagged VLANs

Select the type of VLAN used for the access profile.
To select an untagged VLAN, check the Untagged VLAN check
box and select the VLAN that can be accessed from the drop-
down list. Selecting a VLAN from the list grants the user access
to that network segment only.
To select a tagged VLAN, check the Tagged VLAN check box and
click Edit. When the VLAN Selection window appears, select the
tagged VLANs to be accessed from the Available VLANs list and
click >> to select them. When all tagged VLANS that can be
accessed are displayed in the Selected VLANs list, click OK to
close the window and return to the Identity Management
Configuration window.
Keep the following in mind when selecting VLANs:
• The list of VLANs is derived from the VLANs that PCM discovers.

Therefore, you should run Discovery to populate the VLAN list
before creating a new Access Profile.

• Untagged VLANs and tagged VLANs are mutually exclusive,

meaning the customer cannot select the same VLAN for
untagged and tagged.

• The VLAN set for a user overrides the statically configured

VLAN, as well as the auth-vid that may have been configured
for that port.

• If an unauth-vid is set and the user is rejected by IDM for any

reason, the port is opened and the VLAN is set to the unauth-vid.

QoS

The Quality of Service, or "priority" given to outbound traffic under
this profile. Select the setting from the pull-down menu.

Ingress rate-limit
Egress rate-limit

The rate-limits applied for this profile. Use the up-down arrows to
increase or decrease the bandwidth setting. The default setting
is 1000 Kbps (1 Mbps) AP1

NOTE: This is translated to a percentage of bandwidth at the
switch.

This manual is related to the following products:
See also other documents in the category HP Software: