Hi there everyone!
Just hoping some of you wizards could assist me with a question regarding dynamic VLAN assignment on Juniper EX switches. If it helps, we would be using Cisco ISE as the Authentication Server.
I've been reading a deployment guide that states you must configure as follows... (I've cut out the set protocols dot1x and set access radius-server stuff to keep post brief)
- Set interfaces ge-x/x/x unit 0 family ethernet-switching vlan members internal
- Set ethernet-switching-options voip interface ge-x/x/x vlan voice
- Set vlans internal vlan-id xxxx
- Set vlans voice vlan-id xxxx
I was under the pretense that the whole reason for dynamic VLANs was to analyse the device per specific set of attributes (e.g. MAC, IP, etc) and then assign a VLAN based on those, however, if you configure the interface with line 1 and 2, surely this defeats the objective of examining those properties?
Can somebody help explain to me where my understanding is wrong on dynamic VLANs?
Unsure if this is just a Juniper-only thing, or whether the configuration follows suit across Cisco, Brocade, etc.
Ever grateful for your responses,
Thanks so much!
No comments:
Post a Comment