When NetLogin is enabled on a sharing group, user credentials for the LAG are forwarded to AAA server for authentication. Once authenticated, the LAG is moved to the VLAN configured as the destination VLAN for NetLogin, and the learned MAC address is installed over the LAG in the FDB on the NetLogin‘s destination VLAN.
All NetLogin configurations should be done on the LAG master port. For example:
enable sharing 24 grouping 24, 25, 26
enable netlogin ports 24 mac
For MAC-based authentication (see MAC-Based Authentication), when NetLogin is enabled on a sharing group, software-based learning is enabled for each member port of the sharing group. Similarly, when member ports are removed from the sharing group, software-based learning is disabled on that member port.