Security

Reply
Highlighted
Occasional Contributor I

Colorless ports and PoE

Hello Everyone,

 

I have setup ClearPass role-based access with colorless ports using the Wired Policy Enforcement Solution Guide. For access switches, we use HPE 5130 (Comware7).

 

In our network, there are some devices, mainly cameras that require PoE to be turned on. I searched for a way to turn on PoE via RADIUS but found or at least some best practices regarding PoE and colorless ports but I found none.

 

So far, I plan on turning PoE on by default either on all of the ports or always at first ten or something.

 

So I would like to ask you whether, any one of you has tackled this issue and what solution did you use in production.

 

And is this different with ArubaOS switches?

 

Thanks a lot

Highlighted
Super Contributor II

Re: Colorless ports and PoE

I turned on with "poe enable" for all HP H3C switchports but not using colorless with H3C

I upgraded some of H3C to ArubaOS and implementing colorless.  All switchports in ArubaOS are POE enable by default.  I don't think I can disable POE in AOS switch. 

~Trinh Nguyen~
Boys Town
Highlighted
MVP Expert
MVP Expert

Re: Colorless ports and PoE

In turn on POE on by default on all edge interfaces on 5130 switches.

How does a offline ‘powered off’ device send its EAP request to the switch If it needs POE to operate in the first place. Steering POE with radius isnt possible is what i think.

On Aruba switches POE can be disabled per interface with the command “no
Interface #/# power-over-ethernet”
Kind Regards Marcel Koedijk
HPE ASE Flexnetwork | ACMP | ACCP | Ekahau ECSE Design - Was this post usefull, Kudos are welcome.
Highlighted
Occasional Contributor I

Re: Colorless ports and PoE

Well, back then, I was thinking whether something like conditional behavior of PoE exists, for example it could grant power until the authentication is done and then either continue or stop granting the power based on authentication result.

 

I have found no such settings and went with enabling PoE for all of the colorless ports.

 

Thank you and have a nice day :)

Occasional Contributor II

Re: Colorless ports and PoE

honestly that sounds like a lot of trouble to go through. All my switch deployments I leave PoE on, or in the case of comware, specifically enable it everywhere.. Is there a specific requirement or need to have PoE disabled where it's not needed?

Highlighted
Occasional Contributor I

Re: Colorless ports and PoE

With former setup, the customer was used to requesting PoE enabling specifically for ports where they needed it and I tried to mirror this behavior with colorless ports as well.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: