Configuring Access Guardian Configuring Port-Based Network Access Control
OmniSwitch AOS Release 8 Network Configuration Guide December 2017 page 28-61
-> unp vxlan far-end-ip-list vteps 10.1.1.1 20.1.1.1 30.1.1.1 40.1.1.1
To verify the VXLAN far-end IP address list configuration, use the show unp vxlan far-end-ip-list
command. For example:
-> show unp vxlan far-end-ip-list toDataCenter2
Far-End-Ip-List Name: vteps, IP-Count: 4,
IP-Addresses:
10.1.1.1
20.1.1.1
30.1.1.1
40.1.1.1
To verify the VXLAN service profile configuration for the switch, use the show unp profile map
command with the service-type vxlan parameter. For example:
-> show unp profile map service-type vxlan
Profile Tag Far-End-List Vlan Mcast Mcast
Name Vnid Value Xlation Mode Group
-----------------------------+-----+-----+------------+-------+-------+---------
vmCluster1 2300 12 - Ena Tandem 225.1.1.1
vmCluster2 2301 15 vteps Ena Headend -
Mapping a Static Service to a UNP Profile
To configure the mapping of an existing SPB or VXLAN service to an existing UNP profile, use the unp
profile map service-type static command. For example, the following command configures a static
service mapping for the “vNP2” profile that will carry traffic tagged with VLAN 5 on the existing SAP
that is associated with service ID 10:
-> unp profile unp1-staticSPB map service-type static tag-value 20 service-id 10
To verify the static service profile configuration for the switch, use the show unp profile map command
with the service-type static parameter. For example:
-> show unp profile map service-type static
Profile Tag
Name SvcId Value
--------------------------------+--------+--------
unp1-staticSPB 10 20
unp2-staticVXLAN 20 40:50
Total Profile Static-Service-Map Count: 2
Configuring QoS Policy Lists
One of the attributes for UNP profiles specifies the name of a list of QoS policy rules. This list is applied
to a user device when the device is initially assigned to the profile. Using policy lists allows the
administrator to associate a group of users to a set of QoS policy rules. The policy rules applied determine
the initial role (network access) for a user device classified into the profile.
To create a QoS policy list to assign to a UNP profile, use the policy list command to specify a list name
and then use the policy list rules command to specify the names of one or more existing QoS/ACL policy
rules to add to the list. For example, the following commands create two policy rules and associates these
rules with the “temp-rules” list:
-> policy condition c1 802.1p 5
-> policy action a1 disposition drop
To Next Page
Loading...
Need help?
General
