.. _example_interfaces_ethernet_authenticator_aaa_authorization_aclid:

######
Acl Id
######


.. sidebar:: Contents

  .. contents::
    :depth: 2
    :local:

This scenario shows how to install traffic policies from
received RADIUS messages (using the "Filter-Id" attribute and
according to RFC2865).

.. image:: acl.svg
  :width: 400

*************************
Test 802.1x Filter-ID ACL
*************************

Description
===========

DUT0 is configured with an 802.1x-authenticated interface
and DUT1 is configured as a supplicant. A traffic policy
is automatically configured in DUT0 after the supplicant
is authenticated.

Scenario
========

.. include:: aclid/test802.1xfilter-idacl

.. raw:: html

  <hr>

*********************************
Test 802.1x Filter-ID ACL And CoA
*********************************

Description
===========

In this scenario, DUT1 is successfully authenticated and
a traffic policy is configured from a "Filter-ID" attribute.
A CoA message is then received from the authentication
server that changes the configured traffic policy to drop
non-ICMP traffic.

Scenario
========

.. include:: aclid/test802.1xfilter-idaclandcoa

.. raw:: html

  <hr>

**********************
Test MAB Filter-ID ACL
**********************

Description
===========

DUT0 is configured with a MAB-authenticated interface.
A traffic policy is automatically configured in DUT0
after the supplicant is authenticated via MAC address.

Scenario
========

.. include:: aclid/testmabfilter-idacl

.. raw:: html

  <hr>

******************************
Test MAB Filter-ID ACL And CoA
******************************

Description
===========

In this scenario, DUT1 is successfully authenticated via
MAC address and a traffic policy is configured from a
"Filter-ID" attribute. A CoA message is then received from
the authentication server that changes the configured
traffic policy to drop non-ICMP traffic.

Scenario
========

.. include:: aclid/testmabfilter-idaclandcoa

.. raw:: html

  <hr>