350
2.
Configure MAC authentication for GigabitEthernet 1/0/1:
a.
In the
Ports With MAC Authentication Enabled
area, click
Add
.
b.
Select
GigabitEthernet1/0/1
from the
Port
list, and click
Apply
.
Figure 378 Enabling MAC authentication for port GigabitEthernet 1/0/1
ACL assignment configuration example
Network requirements
As shown in
, the switch uses RADIUS servers to perform authentication, authorization,
and accounting.
Configure MAC authentication on port GigabitEthernet 1/0/1 to control Internet access. Make sure an
authenticated user can access the Internet but not the FTP server at 10.0.0.1.
Use MAC-based user accounts for MAC authentication users. The MAC addresses are not
hyphenated.
Figure 379 Network diagram
Configuring IP addresses
# Assign an IP address to each interface. Make sure the RADIUS servers, host, and switch can
reach each other. (Details not shown.)
Configuring the RADIUS servers
# Add a user account with the host MAC address unhyphenated as both the username and
password, and specify ACL 3000 as the authorization ACL for the user account. (Details not shown.)
For information about the RADIUS server configuration, see "
Configuring a RADIUS scheme for the switch
1.
Create a RADIUS scheme:
a.
From the navigation tree, select
Authentication
>
RADIUS
.
b.
Click
Add
.
Internet
Switch
Host
192.168.1.10
GE1/0/1
FTP server
10.0.0.1
RADIUS servers
Auth:10.1.1.1
Acct:10.1.1.2
Summary of Contents for FlexNetwork NJ5000
Page 12: ...x Index 440 ...
Page 39: ...27 Figure 16 Configuration complete ...
Page 67: ...55 Figure 47 Displaying the speed settings of ports ...
Page 78: ...66 Figure 59 Loopback test result ...
Page 158: ...146 Figure 156 Creating a static MAC address entry ...
Page 183: ...171 Figure 171 Configuring MSTP globally on Switch D ...
Page 243: ...231 Figure 237 IPv6 active route table ...