Configure Mac Authentication Bypass On A Switch - NETGEAR M4200 Software Administration Manual
M4200 and m4300 series prosafe managed switches
Hide thumbs
Also See for M4200:
- Hardware installation manual (33 pages) ,
- Installation manual (2 pages)
Table of Contents
Advertisement
Configure MAC Authentication Bypass on a Switch
This section provides an example of how to configure MAC Authentication Bypass (MAB) on
a switch.
The example is shown as CLI commands and as a web interface procedure.
CLI: Configure the Switch to Perform MAB with a Microsoft Network
Policy Server
1.
Enable 802.1X authentication on the switch.
(Netgear Switch) #config
(Netgear Switch) (Config)#dot1x system-auth-control
2.
Configure RADIUS to authenticate 802.1X users.
(Netgear Switch) (Config)#aaa authentication dot1x default radius
3.
Configure the switch to communicate with the Microsoft network policy server.
In this example, the Microsoft network policy server IP address is 10.1.10.46. The shared
key on the switch and the RADIUS server must match.
(Netgear Switch) (Config)#radius server host auth 10.1.10.46
(Netgear Switch) (Config)#radius server key auth 10.1.10.46
Enter secret (64 characters max):******
Re-enter secret:******
(Netgear Switch) (Config)#radius server primary 10.1.10.46
4.
Configure force-authorization on the port that connects to the Microsoft network policy server
(port 1/0/1 in this example).
(Netgear Switch) (Config)#interface 1/0/1
(Netgear Switch) (Interface 1/0/1)#dot1x port-control force-authorized
(Netgear Switch) (Interface 1/0/1)#exit
5.
Configure MAB on the port that connects to the IP phone (port 1/0/10 in this example).
(Netgear Switch) #config
(Netgear Switch) (Config)#interface 1/0/10
(Netgear Switch) (Interface 1/0/10)#dot1x port-control mac-based
(Netgear Switch) (Interface 1/0/10)#dot1x mac-auth-bypass
(Netgear Switch) (Interface 1/0/10)#exit
(Netgear Switch) (config)#exit
Managed Switches
MAB
377
Hide quick links:
Advertisement
Table of Contents
