Home > User Interface > Configuration > Integration > Switch Templates
|
Menu path: Configuration > Compliance Overview >Switch Templates .
The Switch Templates page describes the behavior of switches, wireless access points, and access controls with regard to RADIUS attributes returned during authentication.
The format and usage of this page is discussed in General GUI Usage.
Select 
to add a new switch template. The fields in the New Switch Template dialog are:
| Field | Usage | Example |
|---|---|---|
| Identifier | A unique identifier for the switch template, often in the form <vendor>::<Device>. | AeroHIVE::Access_Point |
| Description | User friendly description of the switch template. | Aerohive - Extreme Access Point |
| RADIUS Disconnect | The type of disconnect sent to the NAS for the client. One of:
|
disconnect |
| SNMP Disconnect | Enable to use an SNMP disconnect to perform access reevaluation. An SNMP up and down on the port will be sent via a standard MIB. |
|
| Accept VLAN Scope | The list of RADIUS attributes that will be sent to the NAS as part of an Accept VLAN message. See Add RADIUS Attributes for a description of associating RADIUS attributes to a scope. | Tunnel-Type=VLAN Tunnel-Medium-Type=IEEE-802 Tunnel-Private-Group-ID=$vlan |
| Accept Role Scope | The list of RADIUS attributes that will be sent to the NAS as part of an Accept Role message. See Add RADIUS Attributes for a description of associating RADIUS attributes to a scope. | |
| Disconnect Scope | The list of RADIUS attributes that will be sent to the NAS as part of a Disconnect message. See Add RADIUS Attributes for a description of associating RADIUS attributes to a scope. | Calling-Station-Id=${macTpEIO48($mac)} NAS-IP-Address=$disconnectIp |
| CoA Scope | The list of RADIUS attributes that will be sent to the NAS as part of a CoA message. See Add RADIUS Attributes for a description of associating RADIUS attributes to a scope. | |
| Reject Scope | The list of RADIUS attributes that will be sent to the NAS as part of a Reject message. See Add RADIUS Attributes for a description of associating RADIUS attributes to a scope. | Reply-Message="This node is not allowed to use this service" |
| VoIP Scope | The list of RADIUS attributes that will be sent to the NAS as part of a VoIP message. See Add RADIUS Attributes for a description of associating RADIUS attributes to a scope. |
The first RADIUS attribute is added through the use of the 
button. After the first attribute is
added, new attributes are added after the current attribute using the 
icon. Attributes can be deleted using the
button. The order of attributes
can be changed by selecting the 
handle and then moving the attribute to the correct position.
When adding an attribute a list of possible attribute names is displayed in a drop-down list. The list is very long; enter a part of the attribute name to limit the extent of the list and then select the item from the list. In the second column enter the value associated with the attribute. If the attribute has a limited set of legal options, then those will be displayed in a drop-down list. If no list is displayed or an alternate value is to be entered, type the value.
Special syntax is available for variables or functions on variables. Each switch vendor or individual device is supported by specific code embedded in A3. This code defines the variable names and their semantics. The following variables are generally used across the supplied templates:
Functions are invoked within braces. For example, ${macToEUI48($mac)}
invokes the macToEUI48 function on the $mac argument. The
following functions are available:
Copyright © 2021 Extreme Networks. All rights reserved. Published April 2021.