Mac Address-Based Security; Eapol-Based Security - Nortel 2526T Configuration

Ethernet routing switch 2500 series

Hide thumbs Also See for 2526T:

Reference manual (56 pages)

Quick install manual (1 page)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

page of 228

/ 228
Contents
Table of Contents
Bookmarks

Table of Contents

When RADIUS password fallback is disabled, you must specify the RADIUS

username and password from the NetLogin screen. Unless the RADIUS

server is conﬁgured and reachable, you cannot log on to the switch to

authenticate the login and password.

The Radius password fallback feature is disabled by default.

You can use the following CLI commands to enable and disable this feature:

•

The no radius-server CLI command disables the RADIUS fallback feature,

along with the remaining RADIUS conﬁguration.

MAC address-based security

The MAC address-based security feature lets you set up network access

control, based on source MAC addresses of authorized stations.

You can:

•

The MAC address-based security feature is based on Nortel BaySecure

LAN Access for Ethernet, a real-time security system that safeguards

Ethernet networks from unauthorized surveillance and intrusion.

EAPOL-based security

The Ethernet Routing Switch 2500 Series provides security on the basis

of Extensible Authentication Protocol over LAN (EAPOL), and it uses the

EAP as is given in the IEEE 802.IX so that you can set up a network access

control over LANs. With EAP, you can authenticate user information through

a connection between a client and the switch by using an authentication

radius-server password fallback

no radius-server

Create a list of up to 448 MAC addresses and specify which addresses

are authorized to connect to your switch. The 448 MAC addresses

can be conﬁgured within a single standalone switch, or they can be

distributed in any order among the units in a single stack conﬁguration.

Specify which of your switch ports each MAC address is allowed to

access.

The options for allowed port access include: NONE, ALL, and single or

multiple ports that are speciﬁed in a list.

Specify optional actions to be exercised by your switch if the software

detects a security violation.

The response can be to send a trap, turn on destination address (DA)

ﬁltering, disable a speciﬁc port, or any combination of these three

options.

Nortel Ethernet Routing Switch 2500 Series

Security — Conﬁguration and Management

NN47215-505 (323165-B) 02.01 Standard

4.1 19 November 2007

Conﬁguring Security options 21

ATTENTION

Table of Contents

Show Quick Links

Quick Links:
Before You Begin
Console/Telnet/Web Password Conﬁguration
Username and Password
Setting Management Passwords

Hide quick links:

Table of Contents

This manual is also suitable for:

2550t 2526t-pwr 2550t-pwr

Mac Address-Based Security; Eapol-Based Security - Nortel 2526T Configuration

MAC address-based security

EAPOL-based security

Hide quick links:

Related Manuals for Nortel 2526T

Related Content for Nortel 2526T

This manual is also suitable for:

Table of Contents