Wired Intelligent Edge

Hi,

Here some feedbacks with AAA/NAC features on Comware V7 (5130/5510HI/etc..)

Hope it will help !

Regards,

Serge

Attachment(s)

AAA&NAC Comware v7 PoC v1.4.pdf   983 KB 1 version

Hello Serge,

On page 15 there is a diagram with all the features.

I have 5510 switches and 5400. And for the 5400 i also use dynamic ACL.

On this page it says that on the 5130 and 5510 also dynamic ACL are supported.

Do you have an example of how to do this in clearpass for the 5510.

Already my thanks.

You should use the standard Radius « Filter-Id » Attribute (11) 

And define the value as the ACL number you want to apply on the authenticated port.

Or

Use the user-profile feature. In the case, set user-profile name as standard Radius Filter-id attribute (11)

User-profile test
     qos apply policy test inbound

acl number 3000
 rule 0 permit tcp source-port eq 21

traffic classifier classifier_1
if-match acl 3000

traffic behavior behavior_1
 filter deny

qos policy test
  classifier classifier_1 behavior behavior_1

User-profile test enable

Regards

Thanks for the quick replay,

I will test it.

Good document by the way.

Keep it coming