When NetLogin is enabled on a sharing group, user credentials for the LAG (Link Aggregation Group) are forwarded to AAA server for authentication. Once authenticated, the LAG is moved to the VLAN (Virtual LAN) configured as the destination VLAN for NetLogin, and the learned MAC address is installed over the LAG in the FDB (forwarding database) on the NetLogin‘s destination VLAN.
All NetLogin configurations should be done on the LAG master port. For example:
enable sharing 24 grouping 24, 25, 26
enable netlogin ports 24 mac
For MAC-based authentication (see MAC-Based Authentication), when NetLogin is enabled on a sharing group, software-based learning is enabled for each member port of the sharing group. Similarly, when member ports are removed from the sharing group, software-based learning is disabled on that member port.
Note
NetLogin over Multi-switch Link Aggregation Groups (MLAGs) is not supported.