Jens, I am not sure if there is a way to remove vlan 1 from the port, but you could forbid vlan 1 based on the role. The better option though might be to contain the traffic to vlan 100? On the General tab for the role, you could try setting the Access control to Contain to VLAN. See if that helps.
Patrick Printz Network Infrastructure Quinsigamond Community College 670 West Boylston Street Worcester, MA 01606-2092 w. 508-854-7517 c. 508-726-9529 "If a man is called a street sweeper, he should sweep streets even as Michelangelo painted, or Beethoven composed music, or Shakespeare wrote poetry. He should sweep streets so well that all the hosts of heaven and Earth will pause to say, Here lived a great street sweeper who did his job well." ~Martin Luther King, Jr. -----Original Message----- From: Podbiera, Jens [mailto:[email protected]] Sent: Tuesday, March 27, 2012 10:20 AM To: Enterasys Customer Mailing List Subject: [enterasys] setting up vlan to policy Hey guys, need a little bit assistance to configure vlan to policy. Can´t found any tutorials on extranet to setup this feature. Has any one a manual? I take the follow steps: [Policy Manager] 1. create a role and setup the tab "Vlan Egress with Vlan 100" [NAC] 1. create a rule "Rule Name" -> Authentication is MAC and End-System is in "End-System-Group" + New Nac Profile 2. Nac Profile with created Accept Policy (with Vlan 100) After the enforce and authentication, the port has two vlans, Vlan 100 an default vlan. Thats my problem, i want only the 100 Vlan on this port not the default vlan. If i setup the port manualy to a other vlan (400), i have the same problem. My Vlan 100 will added to the primary vlan on the port. Whats my mistake? Short Example: VLAN: 1 NAME: DEFAULT VLAN VLAN Type: Default Egress Ports ge.1.4[Test Notebook], ge.1.48 [Uplink] Forbidden Egress Ports None. Untagged ports ge.1.4[Test Notebook], ge.1.48[Uplink] VLAN: 100 NAME: xXXx VLAN Type: Permanent Egress Ports ge.1.4[Test Notebook], ge.1.48 [Uplink] Forbidden Egress Ports None. Untagged ports ge.1.4[Test Notebook] Example 2: VLAN: 100 NAME: xXXx VLAN Type: Permanent Egress Ports ge.1.4[Test Notebook], ge.1.48 [Uplink] Forbidden Egress Ports None. Untagged ports ge.1.4[Test Notebook] VLAN: 400 NAME: xxxxx VLAN Type: Permanent Egress Ports ge.1.14 Forbidden Egress Ports None. Untagged ports ge.1.14 Regards Jens --- To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected] --- To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected]
