1-7
MAC address authentication is enabled
Authenticate success: 1, failed: 0
Current online user number is 1
MAC Addr Authenticate state Auth Index
00e0-fc12-3456 MAC_AUTHENTICATOR_SUCCESS 29
RADIUS-Based MAC Authentication Configuration Example
Network requirements
As illustrated in
, a host is connected to the device through port GigabitEthernet 1/0/1. The
device authenticates, authorizes and keeps accounting on the host through the RADIUS server.
z
MAC authentication is required on every port to control user access to the Internet.
z
Set the offline detect timer to 180 seconds and the quiet timer to 3 minutes.
z
All users belong to ISP domain 2000.
z
The username type of fixed username is used for authentication, with the username being
aaa
and
password being
123456
.
Figure 1-2
Network diagram for MAC authentication using RADIUS
Configuration procedure
It is required that the RADIUS server and the device are reachable to each other and the username and
password are configured on the server.
1) Configure MAC authentication on the device
# Configure a RADIUS scheme.
<Device> system-view
[Device] radius scheme 2000
[Device-radius-2000] primary authentication 10.1.1.1 1812
[Device-radius-2000] primary accounting 10.1.1.2 1813
[Device-radius-2000] key authentication abc
[Device-radius-2000] key accounting abc
[Device-radius-2000] user-name-format without-domain
Summary of Contents for S5500-SI Series
Page 161: ...3 10 GigabitEthernet1 0 1 2 MANUAL...
Page 220: ...1 7 Clearing ARP entries from the ARP table may cause communication failures...
Page 331: ...1 7 1 1 ms 1 ms 1 ms 1 1 6 1 2 1 ms 1 ms 1 ms 1 1 4 1 3 1 ms 1 ms 1 ms 1 1 2 2 Trace complete...
Page 493: ...2 8...
Page 1111: ...1 10 Installing patches Installation completed and patches will continue to run after reboot...