4-52
Web and MAC Authentication
Configuring MAC Authentication on the Switch
Syntax: aaa port-access mac-based [e] < port-list > [addr-limit <1-256>]
Specifies the maximum number of authenticated
MACs to allow on the port. (Default: 1)
Note: On switches where MAC Auth and 802.1X can
operate concurrently, this limit includes the total
number of clients authenticated through both methods.
The limit of 256 clients only applies when there are
fewer than 16,384 authentication clients on the entire
switch. After the limit of 16, 384 clients is reached, no
additional authentication clients are allowed on any
port for any method.
Syntax: [no] aaa port-access mac-based [e] < port-list > [addr-moves]
Allows client moves between the specified ports under
MAC Auth control. When enabled, the switch allows
addresses to move without requiring a re-authentica-
tion. When disabled, the switch does not allow moves
and when one does occur, the user will be forced to re-
authenticate. At least two ports (from port(s) and to
port(s)) must be specified. Use the no form of the
command to disable MAC address moves between ports
under MAC Auth control. (Default: disabled – no moves
allowed)
Syntax: aaa port-access mac-based [e] < port-list > [auth-vid <vid>]
no aaa port-access mac-based [e] < port-list > [auth-vid]
Specifies the VLAN to use for an authorized client. The
Radius server can override the value (accept-response
includes a vid). If auth-vid is 0, no VLAN changes occur
unless the RADIUS server supplies one. Use the no form
of the command to set the auth-vid to 0.(Default: 0).
Syntax:
aaa port-access mac-based [e] < port-list >
[logoff-period] <60-9999999>
]
Specifies the period, in seconds, that the switch
enforces for an implicit logoff. This parameter is
equivalent to the MAC age interval in a traditional
switch sense. If the switch does not see activity after a
logoff-period interval, the client is returned to its pre-
authentication state. (Default: 300 seconds)
Syntax: aaa port-access mac-based [e] < port-list > [max-requests <1-10>]
To Next Page
Loading...
Need help?
General