NetLogin Authentication

NetLogin provides the dynamic authentication of users as a frontend to policy. Supported authentication type for ExtremeXOS includes 8021.1X, MAC Authentication, and Web Authentication.

Unknown unicast/multicast/broadcast traffic is allowed to egress NetLogin-enabled ports, even if the porst are not authenticated. Configuring the port authentication mode as optional/required does not affect egress traffic (configure netlogin ports [all | port_list] [allowed-users allowed_users | authentication mode [optional | required] | trap [all-traps | no-traps | [{success} {failed} {terminated} {max-reached}]]] ).

Note

Note

When enabling policy, all VLAN (Virtual LAN)-level commands supported in non-policy mode are lost, including:
  • configure netlogin vlan
  • configure netlogin authentication failure vlan
  • configure netlogin authentication service-unavailable vlan
  • configure netlogin dot1x guest-vlan
  • configure netlogin dynamic-vlan
  • configure netlogin ports [all | port_list] mode [mac-based-vlans | port-based-vlans]
  • configure netlogin ports [all | port_list] no-restart
  • configure netlogin ports [all | port_list] restart
  • configure netlogin ports [all | port_list] [allowed-users allowed_users | authentication mode [optional | required] | trap [all-traps | no-traps | [{success} {failed} {terminated} {max-reached}]]]
  • configure netlogin ports [port_list | all] allow egress-traffic [none | unicast | broadcast | all_cast]