• February 22, 2019, 10:20:21 AM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?
« previous next »
Pages: [1]

Author Topic: ERS4000 Cannot perform VLAN changes on EAP enabled port  (Read 336 times)

0 Members and 1 Guest are viewing this topic.

Offline z1vikingfan

  • Rookie
  • **
  • Posts: 1
ERS4000 Cannot perform VLAN changes on EAP enabled port
« on: July 19, 2018, 05:10:02 PM »
We have 802.1x/EAP enabled on our ERS4000's and seems to be working well from the port security side of things.  Something that has been bothering us: in order to perform a manual administrative VLAN change, we have to disable EAPOL in order to change the VLAN assignment on ports.  The message we receive is "Cannot perform VLAN changes on EAP enabled port".

Does anyone know why this is?
Logged

Offline MatzeKS

  • Sr. Member
  • ****
  • Posts: 308
    • matzeks
    • Controlware GmbH - Germany
Re: ERS4000 Cannot perform VLAN changes on EAP enabled port
« Reply #1 on: August 06, 2018, 02:18:01 AM »
Hi z1vikingfan,

this works as designed since years - manually changes of vlan assignments are not allowed on EAP enabled ports for security reasons. Once the device is authenticated on one of these ports, the related radius return attributes for vlan-create, vlan-id, i-sid, etc. are "allowed" to set these settings.

Good luck
Logged
------------------------------------------------------
ACE-Fx #00050
Pages: [1]
« previous next »