Brocade Communications Systems 6650 Switch User Manual


 
Brocade ICX 6650 Security Configuration Guide 233
53-1002601-01
How multi-device port authentication works
Username (1) – RFC 2865
NAS-IP-Address (4) – RFC 2865
NAS-Port (5) – RFC 2865
Service-Type (6) – RFC 2865
FilterId (11) – RFC 2865
Framed-MTU (12) – RFC 2865
State (24) – RFC 2865
Vendor-Specific (26) – RFC 2865
Session-Timeout (27) – RFC 2865
Termination-Action (29) – RFC 2865
Calling-Station-ID (31) – RFC 2865
NAS-Port-Type (61) – RFC 2865
Tunnel-Type (64) – RFC 2868
Tunnel-Medium-Type (65) – RFC 2868
EAP Message (79) – RFC 2579
Message-Authenticator (80) – RFC 3579
Tunnel-Private-Group-Id (81) – RFC 2868
NAS-Port-id (87) – RFC 2869
Support for dynamic VLAN assignment
The Brocade multi-device port authentication feature supports dynamic VLAN assignment, where a
port can be placed in one or more VLANs based on the MAC address learned on that interface. For
details about this feature, refer to “Configuring the RADIUS server to support dynamic VLAN
assignment” on page 241.
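The sketch below is an added example, not code from the Brocade guide. It parses the attributes of a RADIUS packet and extracts the VLAN assignment carried in Tunnel-Type (64), Tunnel-Medium-Type (65) and Tunnel-Private-Group-Id (81), which is useful for auditing what a RADIUS server returns for a given MAC address. It assumes the RFC 2868 tag encoding and the RFC 3580 convention (Tunnel-Type 13 = VLAN, Tunnel-Medium-Type 6 = 802); the function names and the sample packet are constructed, and the group ID syntax the Brocade device expects is covered on page 241, not here.

```python
import struct

# Attribute numbers from the list above; VLAN/802 values per RFC 2868 and RFC 3580.
TUNNEL_TYPE, TUNNEL_MEDIUM_TYPE, TUNNEL_PRIVATE_GROUP_ID = 64, 65, 81
TUNNEL_TYPE_VLAN, TUNNEL_MEDIUM_802 = 13, 6

def parse_attributes(packet: bytes):
    """Return [(type, value_bytes), ...] from a RADIUS packet, rejecting bad lengths."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    length = struct.unpack("!H", packet[2:4])[0]
    if length < 20 or length > len(packet):
        raise ValueError("header length field does not match packet size")
    attrs, pos = [], 20
    while pos < length:
        if pos + 2 > length or packet[pos + 1] < 2 or pos + packet[pos + 1] > length:
            raise ValueError(f"malformed attribute at offset {pos}")
        a_type, a_len = packet[pos], packet[pos + 1]
        attrs.append((a_type, packet[pos + 2:pos + a_len]))
        pos += a_len
    return attrs

def vlan_assignments(attrs):
    """Group tunnel attributes by tag; return group IDs of complete VLAN sets."""
    tunnels = {}
    for a_type, value in attrs:
        if a_type in (TUNNEL_TYPE, TUNNEL_MEDIUM_TYPE) and len(value) == 4:
            # RFC 2868: one tag byte, then a 3-byte value.
            tunnels.setdefault(value[0], {})[a_type] = int.from_bytes(value[1:], "big")
        elif a_type == TUNNEL_PRIVATE_GROUP_ID and value:
            # A first byte above 0x1F is part of the string, not a tag.
            tag, text = (value[0], value[1:]) if value[0] <= 0x1F else (0, value)
            tunnels.setdefault(tag, {})[a_type] = text.decode("ascii", "replace")
    return [t[TUNNEL_PRIVATE_GROUP_ID] for _, t in sorted(tunnels.items())
            if t.get(TUNNEL_TYPE) == TUNNEL_TYPE_VLAN
            and t.get(TUNNEL_MEDIUM_TYPE) == TUNNEL_MEDIUM_802
            and TUNNEL_PRIVATE_GROUP_ID in t]

def attr(a_type, value):
    """Encode one attribute as type, length, value (used for the sample below)."""
    return bytes([a_type, len(value) + 2]) + value

# Constructed sample Access-Accept (code 2): zeroed authenticator, made-up group ID "10".
BODY = (attr(TUNNEL_TYPE, b"\x00\x00\x00\x0d") + attr(TUNNEL_MEDIUM_TYPE, b"\x00\x00\x00\x06")
        + attr(TUNNEL_PRIVATE_GROUP_ID, b"10") + attr(27, struct.pack("!I", 3600)))
SAMPLE = struct.pack("!BBH", 2, 1, 20 + len(BODY)) + bytes(16) + BODY

if __name__ == "__main__":
    print(vlan_assignments(parse_attributes(SAMPLE)))
```

A reply that carries a group ID without the matching Tunnel-Type and Tunnel-Medium-Type values yields an empty list, which makes incomplete server-side VLAN profiles easy to spot.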
Support for dynamic ACLs
The multi-device port authentication feature supports the assignment of a MAC address to a
specific ACL, based on the MAC address learned on the interface. For details about this feature,
refer to “Dynamically applying IP ACLs to authenticated MAC addresses” on page 243.
Support for authenticating multiple MAC addresses on an interface
The multi-device port authentication feature allows multiple MAC addresses to be authenticated or
denied authentication on each interface. The maximum number of MAC addresses that can be
authenticated on each interface is limited only by the amount of system resources available on the
Brocade device.
Support for dynamic ARP inspection with dynamic ACLs
Multi-device port authentication and Dynamic ARP Inspection (DAI) are supported in conjunction
with dynamic ACLs. Support is available in the Layer 3 software images only.