Hello,
I am trying to set up a NAC solution with FortiNAC and OS6560-P48Z16 8.9.221.R03. I am using UNP, the port type is bridge (access is not supported), and VLAN port mobile is not supported. I am able to authenticate the users, but VLAN assignment is not working.
I started working with Alcatel only a few days ago, and I have no idea if regular VLAN assignment is compatible with UNP.
My config goes like this:
! DA-UNP:
unp profile “Vlan_8”
unp profile “Vlan_24”
unp profile “Vlan_8” map vlan 8
unp profile “Vlan_24” map vlan 24
unp port-template “802.1x” direction both aaa-profile “FORTINAC” admin-state enable
unp port-template “802.1x” 802.1x-authentication
unp port 1/1/2 port-type bridge
unp port 1/1/2 port-template “802.1x”
aaa radius-server “FORTINAC” host 1.1.1.1 hash-key “" hash-salt "” retransmit 3 timeout 2 auth-port 1812 acct-port 1813 vrf-name default
aaa authentication console “local”
aaa authentication http “local”
aaa authentication snmp “local”
aaa authentication ssh “local”
aaa device-authentication mac “FORTINAC”
aaa device-authentication 802.1x “FORTINAC”
aaa accounting 802.1x “FORTINAC”
aaa 802.1x re-authentication enable
aaa 802.1x re-authentication trust-radius enable
aaa tacacs command-authorization disable
snmp-trap absorption disable
snmp station 1.1.1.1 162 v2 enable
snmp security no-security
snmp community-map mode enable
snmp community-map hash-key ******* user “*****” enable
My understanding is that using a default unp profile in unp template is not mandatory.
Since UNP work with profile I am not sure if it is compatible with regular 802.1x implementations and if vlan assignment is RFC compliance.
Anyone with a similar issue that could give some support?
Best Regards