Configuring Access Guardian Using Guest Tunneling
OmniSwitch AOS Release 8 Network Configuration Guide December 2017 page 28-88
Quick Steps for Configuring Guest Tunneling
This section provides a quick tutorial for configuring the Guest Tunneling feature on each participating
edge switch and on the Guest Tunnel Termination Switch. The configuration steps included in this section
are based on the “Guest Tunneling Configuration Example” on page 28-90.
Quick Steps for Configuring a Guest Tunneling Edge Switch
The following quick steps are used on each edge switch that will participate in a Guest Tunneling network
configuration. A Guest Tunneling endpoint is defined on an edge switch by configuring a UNP profile that
is mapped to L2 GRE tunnel service parameters.
1 Use the ip interface command to configure the Loopback0 interface that will serve as the source IP
address for the L2 GRE tunnel.
-> ip interface Loopback0 address 10.0.0.1
-> ip interface Loopback0 address 20.0.0.1
2 Use the unp profile command to configure a guest profile to which guest device traffic is assigned.
-> unp profile Guest
3 Use the unp profile map service-type l2gre command to map the profile created in Step 2 (“Guest”)
to L2 GRE service parameters. Specify the Loopback0 interface address of the GTTS as the far-end IP
address.
-> unp profile Guest map service-type l2gre tag-value 0 vpnid 10 far-end-ip
30.0.0.2
4 Use the unp port-type command to configure the ports that will connect to guest devices as UNP
bridge ports.
-> unp port 1/1/1-2 port-type bridge
5 Use the unp mac-authentication command to enabled MAC authentication on the UNP bridge ports
configured in Step 4.
.
-> unp port 1/1/1-2 mac-authentication
6 Use the unp default-profile command to assign the “Guest” profile as the default UNP profile for the
ports configured in Step 4. If MAC authentication does not return a profile name, the guest device is
assigned to the Guest profile by default.
-> unp port 1/1/1-2 default-profile Guest
Quick Steps for Configuring the Guest Tunneling Termination Switch
The following quick steps are used to configure the switch as a Guest Tunnel Termination Switch (GTTS).
There is only one GTTS, as all guest GRE tunnels originating on edge switches will terminate to a single
tunnel endpoint switch within the network.
1 Use the ip interface command to configure the Loopback0 interface that will serve as the source IP
address for the L2 GRE tunnel.
-> ip interface Loopback0 address 30.0.0.2
To Next Page
Loading...
Need help?
General
