...
To configure authentication modes, complete the following:
From the Cloud Services Infoblox Portal, go to Manage Configure > Networking > IPAM/DHCP.
On the Address Spaces page, click Create > IP Space to create an IP space to which you add address blocks or subnets, as described in Configuring IP Space.
On the Address Spaces page, click Create > Address Blocks or Create > Subnets to add an address scope to the newly created IP space, as described in Creating Subnets. Ensure that you do the following when creating an address block or subnet:
Choose the IP space you just created.
Choose the host you want to associate with the IP space. Ensure that the host has the Access Authentication service enabled.
Add the “IB_Onprem_AuthN” key tag and enter “Exclude” as the key value if you want to exclude from the address block from authentication or enter “Include” to include the address scope for authentication. For information, see Managing Tags.
After you have successfully created the IP space and address scopes, go to Manage >Infrastructure > Services.
Choose an existing Access Authentication service you want to add an authentication mode, and then click Edit.
In the Edit Access Authentication wizard, scroll down and choose the address scope from the table, and then complete the following.
Tagged Authentication Mode,: Choose one of the following mode for the chosen address block:
Disabled: The tagged authentication control is disabledisabled. All clients must be authenticated.
Exclusions: Clients from the address scopes tagged for exclusion will bypass authentication. Other clients outside of the address scopes must be authenticated.
Inclusions: Clients from the address scopes tagged for inclusion must be authenticated. Other clients will bypass authentication.
Both: Clients from the address scopes tagged for inclusion and clients from untagged address scopes must be authenticated. Clients from the scopes tagged for exclusion will bypass authentication.
Click Save & Close.
...