Create
Create a Network Access Control (NAC) profile.
 |
Note: * = required parameter |
- Command Path - profile>nac
- Object - nac
- Actions -
- create - Create a new NAC profile
-
* name= - Name of new NAC profile
- AUTO-DISable (autodis)= - enable automatic port disable on access violation
- auto-enable-TIMEOUT= - set the duration of time, in seconds, to remain in auto-disabled state (0=never re-enable)
- disabled|60-86400 | default = 300
- auto-enable-TIMEOUT= - set the duration of time, in seconds, to remain in auto-disabled state (0=never re-enable)
- Default-Vlan (dv) - enable Default VLAN Dynamic Service Provisioning
- SerViCe-profile (svc) - one or more service profile names
- Guest-Vlan (gv) - enable Guest VLAN Dynamic Service Provisioning
- SerViCe-profile (svc) - one or more service profile names
- startup-DELAY (delay) - delay to activate service
- none | 1-3600 | default = 90
- MAC-Bypass - enable MAC Bypass Service Provisioning
- auth-method - et mac bypass login authentication method
- pap (default )| eap-md5-mac|eap-md5-username-password
- startup-DELAY - delay to activate service
- none | 1-3600 | default = 30
- auth-method - et mac bypass login authentication method
- MAX-managed-MACs - set the upper limit of managed MAC Addresses using this service
- unrestricted | 1-256 | default = 16
-
Port-Authorization-Entity-accept (pae) - enable PAE-based Dynamic Service Provisioning (pae (enabled) or no pae (disabled))
- egress-vlan - enable parsing of RADIUS EGRESS-VLAN Attributes for PAE-based Dynamic Service Provisioning
- enabled | disabled
- filter-id - enable parsing of RADIUS FILTER-ID Attributes for PAE-based Dynamic Service Provisioning
- enabled | disabled
- tunnel - enable parsing of RADIUS TUNNEL Attributes for PAE-based Dynamic Service Provisioning
- enabled | disabled
- egress-vlan - enable parsing of RADIUS EGRESS-VLAN Attributes for PAE-based Dynamic Service Provisioning
-
port-AUTHorization-entity-FAILure - enable Authorization Failure Dynamic Service Provisioning (auto-fail (enabled) or no auto-fail (disabled (default)))
-
SerViCe-profile - Service profile to use on NAC authentication failure
-
-
- create - Create a new NAC profile
- From the ESUx> command line, input profile nac create name=test auto-disable dv gv max-mac=16 pae auth-fail and press Enter. Output similar to the following is displayed:
ESUx> profile nac create name=test auto-disable dv gv max-mac=16 pae auth-fail <enter> success ESUx> _
FEEDBACK: Are you happy with this material?
Thank you Your feedback helps us to continually improve our content.