Creates a local network login user name and password.
user-name | Specifies a new local network login user name. User names must have a minimum of 1 character and a maximum of 32 characters. |
encrypted | The encrypted option is used by the switch to encrypt the password. Do not use this option through the command line interface (CLI). |
password | Specifies a local network login user password. Passwords must have a minimum of 0 characters and a maximum of 32 characters. |
tagged | Specifies that the client be added as tagged. |
untagged | Specifies that the client be added as untagged. |
vlan_name | Specifies the name of the destination VLAN. |
vlan_tag | Specifies the VLAN ID, tag, of the destination VLAN. |
security_profile | Specifies a security profile string during account creation. |
N/A.
Use this command to create a local network login account and to configure the switch to use its local database for network login authentication. This method of authentication is useful in the following situations:
If any of the above conditions are met, the switch checks for a local user account and attempts to authenticate against that local account.
Extreme Networks recommends creating a maximum of 64 local accounts. If you need more than 64 local accounts, we recommend using RADIUS for authentication. For more information about RADIUS authentication, see the Switch Engine 32.2 User Guide .
You can also specify the destination VLAN to enter upon a successful authentication.
Note
If you do not specify a password or the keyword encrypted, you are prompted for one.This command applies only to the web-based and MAC-based modes of network login. 802.1X network login does not support local database authentication.
You must have administrator privileges to use this command. If you do not have administrator privileges, the switch displays a message similar to the following:
This user does not have permissions for this command.
User names are not case-sensitive. Passwords are case-sensitive. User names must have a minimum of 1 character and a maximum of 32 characters. Passwords must have a minimum of 0 characters and a maximum of 32 characters. If you use RADIUS for authentication, we recommend that you use the same user name and password for both local authentication and RADIUS authentication.
If you attempt to create a user name with more than 32 characters, the switch displays the following messages:
%% Invalid name detected at '^' marker. %% Name cannot exceed 32 characters.
If you attempt to create a password with more than 32 characters, the switch displays the following message after you re-enter the password:
Password cannot exceed 32 characters
To modify an existing local network login account, use the following command:
configure netlogin local-user user-name {vlan-vsa [[{tagged | untagged} [vlan_name | vlan_tagw]] | none]}To display a list of local network login accounts on the switch, including VLAN information, use the following command:
show netlogin local-usersThe following command creates a local network login user name and password:
create netlogin local-user megtest
After you enter the local network login user name, press [Enter]. The switch prompts you to enter a password (the switch does not display the password):
password:
After you enter the password, press [Enter]. The switch then prompts you to re-enter the password:
Reenter password:
The following command creates a local network login user name, password, and associates a destination VLAN with this account:
create netlogin local-user accounting vlan-vsa blue
As previously described, the switch prompts you to enter and confirm the password.
This command was first available in ExtremeXOS 11.2.
The vlan-vsa parameter and associated options were added in ExtremeXOS 11.3.
The security-profile parameter was added in ExtremeXOS 12.1.
This command is available on ExtremeSwitching 5320, 5420, 5520, and 5720 series switches.