Edit
Edit a Network Access Control (NAC) profile.
 |
Note: * = required parameter] |
- Command Pahh - profile>nac
- Object - nac
- Actions -
- edit - Edit a NAC profile
-
* name= - Name of NAC profile
- AUTO-DISable (autodis) - enable automatic port disable on access violation
- auto-enable-TIMEOUT= - set the duration of time, in seconds, to remain in auto-disabled state (0=never re-enable)
- disabled | 60-86400 | default = 300
- auto-enable-TIMEOUT= - set the duration of time, in seconds, to remain in auto-disabled state (0=never re-enable)
- Default-Vlan (dv) - enable Default VLAN Dynamic Service Provisioning
- SerViCe-profile (svc)= - one or more service profile names
- Guest-Vlan (gv) - enable Guest VLAN Dynamic Service Provisioning
- SerViCe-profile (svc)= - one or more service profile names
- startup-DELAY (delay)= - delay to activate service
- none | 1-3600 | default = 90
- MAC-Bypass - enable MAC Bypass Service Provisioning
- auth-method= - et mac bypass login authentication method
- pap (default)| eap-m5-mac|eap-md5-username-password
- startup-DELAY= - delay to activate service
- none | 1-3600 | default = 30
- auth-method= - et mac bypass login authentication method
- MAX-managed-MACs= - set the upper limit of managed MAC Addresses using this service
- unrestricted | 1-256 | default = 16
-
Port-Authorization-Entity-accept (pae)= - enable PAE-based Dynamic Service Provisioning (pae (enabled) or no pae (disabled))
- egress-vlan= - enable parsing of RADIUS EGRESS-VLAN Attributes for PAE-based Dynamic Service Provisioning
- enabled | disabled
- filter-id= - enable parsing of RADIUS FILTER-ID Attributes for PAE-based Dynamic Service Provisioning
- enabled | disabled
- tunnel= - enable parsing of RADIUS TUNNEL Attributes for PAE-based Dynamic Service Provisioning
- enabled | disabled
- egress-vlan= - enable parsing of RADIUS EGRESS-VLAN Attributes for PAE-based Dynamic Service Provisioning
-
port-AUTHorization-entity-FAILure= - enable Authorization Failure Dynamic Service Provisioning (auto-fail (enabled) or no auto-fail (disabled (default)))
-
SerViCe-profile= - Service profile to use on NAC authentication failure
-
-
- edit - Edit a NAC profile
- From the ESUx> command line, input profile nac edit name=test auto-disable dv gv max-mac=16 pae auth-fail and press Enter. Output similar to the following is displayed:
ESUx> profile nac create name=test port-AUTHorization-entity-FAILure SerViCe-profile=<profile name> <enter> success ESUx> _
FEEDBACK: Are you happy with this material?
Thank you Your feedback helps us to continually improve our content.