9.2.3.5. Avaya

Avaya bought Nortel’s wired networks assets. So Avaya switches are, in effect, re-branded Nortels.

9.2.3.5.1. Generic

Firmware: Generic

Administration Portal > ON CMDB > Network Devices Brand/Model: Generic/Generic

9.2.3.5.1.1. Radius Global Configuration

Define the RADIUS servers to be used for authentications and their format:

sntp server primary address <Radius_Server_IP>
    sntp enable
    radius server host <Radius_Server_IP> acct-enable
    radius server host key <Radius_Shared_Key>
    radius server host key <Radius_Shared_Key> used-by eapol
    radius server host key <Radius_Shared_Key> used-by non-eapol
    radius dynamic-server client <Radius_Server_IP>
    radius dynamic-server client <Radius_Server_IP> secret <Radius_Shared_Key>
    radius dynamic-server client <Radius_Server_IP> enable
    radius dynamic-server client <Radius_Server_IP> process-change-of-auth-requests
    radius dynamic-server client <Radius_Server_IP> process-disconnect-requests

Uplink configuration:

vlan ports 24 tagging tagAll
vlan configcontrol autopvid
eapol multihost allow-non-eap-enable
eapol multihost radius-non-eap-enable
eapol multihost non-eap-phone-enable
eapol multihost use-radius-assigned-vlan
eapol multihost non-eap-use-radius-assigned-vlan
eapol multihost eap-packet-mode unicast
eapol multihost non-eap-reauthentication-enable
eapol multihost adac-non-eap-enable
no eapol multihost non-eap-pwd-fmt ip-addr
no eapol multihost non-eap-pwd-fmt port-number
eapol multihost voip-vlan 1 enable vid 100
adac voice-vlan 100
adac uplink-port 24
adac op-mode tagged-frames
adac enable
qos if-group name TrustedLinks class trusted
qos if-assign port ALL name TrustedLinks
Port 1 configuration:

interface FastEthernet ALL
vlan ports 1 tagging tagAll
vlan members 2,3,4,5 1
vlan ports 1 pvid 2
eapol multihost port 1 enable eap-mac-max 8 allow-non-eap-enable non-eap-mac-max 8 radius-non-eap-enable use-radius-assigned-vlan non-eap-use-radius-assigned-vlan eap-packet-mode unicast adac-non-eap-enable
eapol port 1 status auto traffic-control in re-authentication enable
eapol port 1 radius-dynamic-server enable
lldp port 1 vendor-specific avaya dot1q-framing tagged
no adac detection port 1 mac
adac port 1 tagged-frames-tagging tag-all
adac port 1 enable
spanning-tree port 1 learning fast