Vendor-specific attributes, Cli commands for security on the switch, Security profile commands – Extreme Networks Summit 300-48 User Manual
Page 89
CLI Commands for Security on the Switch
Summit 300-48 Switch Software User Guide
89
Table 31 lists the attributes included in the RADIUS response.
Vendor-Specific Attributes
Table 32 lists the supported vendor-specific attributes (VSAs). The Extreme vendor ID is 1916.
The following rules apply for VSAs:
•
There is no RADIUS support required for WEP authentication.
•
For locations, the switch receives Extreme VSA containing the location of the access point. The
RADIUS server uses the location VSA to determine whether to allow or deny access.
•
For WPA and legacy dot1x clients, the RADIUS server sends the VLAN value to use for the client.
CLI Commands for Security on the Switch
Security Profile Commands
Table 33 lists the CLI commands for creating security profiles.
Table 31: RADIUS Response Attributes
Attribute
Description
EXTREME_NETLOGIN_VLAN_TAG
VLAN for this MAC
Table 32: Vendor-Specific Attributes
VSA
Attribute
Value
Type
Sent In
EXTREME_NETLOGIN_VLAN_TAG
209
Integer
Access-accept
EXTREME_USER_LOCATION
208
String
Access-request
Table 33: Security Profile Commands
Command
Description
create security-profile
Creates a new profile identified by the string name.
Optional from argument specifies the name of an existing profile from
which the system copies the initial values
delete security-profile
Deletes the named security profile. The named profile must not be
currently attached to any active port on the switch.
config security-profile
Sets the value of the property specified in the command line.
Changes take effect immediately and are propagated to all ports
sharing the named profile. If the command fails, none of the changes
is propagated to any of the ports. Table 34 lists the
values.
show security-profile {
Shows the configured parameters of the security profile.