120
MAC ADDR From Port Port Index
Ethernet1/0/1 is link-up
MAC address authentication is enabled
Authenticate success: 1, failed: 0
Max number of on-line users is 2048
Current online user number is 1
MAC ADDR Authenticate state Auth Index
00e0-fc12-3456 MAC_AUTHENTICATOR_SUCCESS 29
# After a user passes MAC authentication, use the display connection command to display online user
information.
<Device> display connection
Slot: 1
Index=29 ,Username=aaa@2000
IP=N/A
IPv6=N/A
MAC=00e0-fc12-3456
Total 1 connection(s) matched on slot 1.
Total 1 connection(s) matched.
ACL assignment configuration example
Network requirements
As shown in Figure 50, a host connects to the device’s port Ethernet 1/0/1, and the device uses RADIUS
servers to perform authentication, authorization, and accounting.
Perform MAC authentication on port Ethernet 1/0/1 to control Internet access. Make sure that an
authenticated user can access the Internet but the FTP server at 10.0.0.1.
Use MAC-based user accounts for MAC authentication users. The MAC addresses are hyphen separated
and in lower case.
Figure 50 Network diagram
Internet
Device
Host
IP: 192.168.1.10/24
MAC: 00-e0-fc-12-34-56
Eth1/0/1
FTP server
10.0.0.1/24
RADIUS servers
Auth:10.1.1.1
Acct:10.1.1.2
Configuration procedure
NOTE:
Check that the RADIUS server and the access device can reach each other.
To Next Page
Loading...
Need help?
General