1-2
format configured with the
mac-authentication authmode usernameasmacaddress
usernameformat
command; otherwise, the authentication will fail.
z
In fixed mode, all users’ MAC addresses are automatically mapped to the configured local
passwords and usernames.
z
The service type of a local user needs to be configured as lan-access.
Related Concepts
MAC Address Authentication Timers
The following timers function in the process of MAC address authentication:
z
Offline detect timer: At this interval, the switch checks to see whether an online user has gone
offline. Once detecting that a user becomes offline, the switch sends a stop-accounting notice to
the RADIUS server.
z
Quiet timer: Whenever a user fails MAC address authentication, the switch does not initiate any
MAC address authentication of the user during a period defined by this timer.
z
Server timeout timer: During authentication of a user, if the switch receives no response from the
RADIUS server in this period, it assumes that its connection to the RADIUS server has timed out
and forbids the user from accessing the network.
Quiet MAC Address
When a user fails MAC address authentication, the MAC address becomes a quiet MAC address, which
means that any packets from the MAC address will be discarded simply by the switch until the quiet
timer expires. This prevents an invalid user from being authenticated repeatedly in a short time.
If the quiet MAC is the same as the static MAC configured or an authentication-passed MAC, then the
quiet function is not effective.
Configuring Basic MAC Address Authentication Functions
Follow these steps to configure basic MAC address authentication functions:
To do...
Use the command...
Remarks
Enter system view
system-view
—
Enable MAC address
authentication
globally
mac-authentication
Required
Disabled by default
In system view
mac-authentication interface
interface-list
interface interface-type
interface-number
Enable MAC address
authentication for the
specified port(s) or
the current port
In interface
view
mac-authentication
Use either method
Disabled by default
Содержание Switch 4800G PWR 24-Port
Страница 165: ...1 8 4 mac address es found on port GigabitEthernet1 0 2 ...
Страница 214: ...ii Displaying and Maintaining System Guard 4 1 ...
Страница 445: ...ii ...
Страница 727: ...i Table of Contents Appendix A Acronyms A 1 ...
Страница 730: ...A 3 VOD Video On Demand W WRR Weighted Round Robin X XID eXchange Identification XRN eXpandable Resilient Networking ...