RADIUS/Policy/NetLogin

RADIUS/Policy/NetLogin mappings are not persistent.

Actions when RADIUS is enabled::
  • Policy maptable may be configured to use policy, tunnel, or both.
  • RADIUS may return a policy name, a VLAN, and possibly an Network Service Identifier (NSI) mapping.
    If RADIUS returns a VLAN/NSI mapping:
    • Policy is not enabled: policy does not install an NSI mapping.
    • Policy is enabled: the mapping is installed if the following conditions are met.
      • Policy must be configured to make use of the RADIUS (RFC3580) VLAN, meaning:
        • The Policy maptable response must be set to “tunnel” or “both”.
        • If the response is set to “policy” (the default), the VLAN/NSI is not used.
      • The VLAN and NSI must both be specified for the NSI to be used (see Defining VLAN/NSI Mappings with RADIUS Standards Attributes or VSAs).
      • The authentication response is an initial authentication for the given user or a re-authentication of an existing user with a mapping that differs from the existing mapping.