Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring the RADIUS NAS-Port Extended Format per VLAN

    As an alternative to globally configuring the extended format for the NAS-Port (5) RADIUS attribute in an access profile, you can configure the NAS-Port extended format on a per-VLAN basis as part of a NAS-Port options definition. The NAS-Port extended format configures the number of bits (bit width) in each field in the NAS-Port attribute, including: slot, adapter, port, VLAN, and S-VLAN.

    Configuring NAS-Port options definitions on a per-VLAN basis is useful in network configurations that use a 1:1 access model.

    To configure an extended format for the NAS-Port RADIUS attribute per VLAN:

    1. Specify the interface you want to configure.
      [edit]user@host# edit interfaces interface-name
    2. Enable VLAN tagging on the interface.
      [edit interfaces interface-name]user@host# set vlan-tagging

      Setting VLAN tagging enables the reception and transmission of 802.1Q VLAN-tagged frames on the interface. You must enable VLAN tagging before you can configure the VLAN ranges to which the NAS-Port options definition applies.

    3. Specify that you want to configure RADIUS options for a VLAN interface.
      [edit interfaces interface-name]user@host# edit radius-options
    4. Create a named NAS-Port options definition.
      [edit interfaces interface-name radius-options]user@host# edit nas-port-options nas-port-options-name
    5. Configure the NAS-Port extended format.
      [edit interfaces interface-name radius-options nas-port-options nas-port-options-name]user@host# set nas-port-extended-format slot-width width adapter-width width port-width width vlan-width width
    6. Configure the VLAN range or ranges to which the NAS-Port options definition applies.
      [edit interfaces interface-name radius-options nas-port-options nas-port-options-name]user@host# set vlan-ranges (any | low-taghigh-tag)

      Per-VLAN configurations typically require you to create a VLAN range that consists of a single VLAN ID on the physical interface. To do so, set the low-tag and high-tag options in the vlan-ranges statement to the same value, as shown in the following example.

    The following example shows a per-VLAN NAS-Port options definition named paris-subscribers that configures a NAS-Port extended format consisting of a 4-bit slot field, 2-bit adapter field, 4-bit port field, and 2-bit VLAN field. The paris-subscribers definition applies to VLAN ID 1 on Gigabit Ethernet physical interface ge-1/0/1.

    [edit interfaces ge-1/0/1 radius-options]
    nas-port-options paris-subscribers {nas-port-extended-format {slot-width 4;adapter-width 2;port-width 4;vlan-width 2;}vlan-ranges {1-1;}}
     

    Related Documentation

     

    Published: 2013-02-11

    Previous Page Next Page