Example Scenarios Using NAP

Using the following figure, the following two scenarios describe some sample actions taken when an 802.1X-enabled supplicant initiates a connection to the network.

The scenarios assume the following:
  • Scenario 1 has a healthy 802.1X-enabled supplicant.

  • Scenario 2 has an unhealthy 802.1X-enabled supplicant.

  • 802.1X network login has been configured and enabled on the switch.

  • The RADIUS (Remote Authentication Dial In User Service) server has been configured using the NAP-specific VSAs for authenticating supplicants.

  • The remediation servers have been configured with the appropriate software updates, anti-virus software, and so on.

  • The Extreme Management Center and Ridgeline servers have been configured to receive traps from the switch. The traps sent from the switch inform Ridgeline of the state of the supplicant. In these scenarios, you configure the NMS as the syslog target.

  • VLAN (Virtual LAN)s Production and Quarantine have already been created and configured.

Note

Note

You can dynamically create the quarantine VLAN if you configure dynamic VLAN creation on the switch. For more information see, Configuring Dynamic VLANs for Network Login.