802.1X Multicast-trigger is enabled
Mandatory authentication domain: NOT configured
Guest VLAN: NOT configured
Auth-Fail VLAN: NOT configured
Critical VLAN: NOT configured
Critical recovery-action: NOT configured
Max number of on-line users is 2048
EAPOL Packet: Tx 16331, Rx 102
Sent EAP Request/Identity Packets : 16316
EAP Request/Challenge Packets: 6
EAP Success Packets: 4, Fail Packets: 5
Received EAPOL Start Packets : 6
1. Authenticated user : MAC address: 0002-0000-0011
Controlled User(s) amount to 1
In addition, the port allows an additional user whose MAC address has an OUI among the specified
OUIs to access the port.
# Display MAC address information for interface GigabitEthernet 1/0/1.
<Device> display mac-address interface gigabitethernet 1/0/1
MAC ADDR
1234-0300-0011
---
1 mac address(es) found
Configuring the macAddressElseUserLoginSecure mode
Network requirements
As shown in
authenticates the client by a RADIUS server. If the authentication succeeds, the client is authorized to
access the Internet.
Restrict port GigabitEthernet 1/0/1 of the Device:
•
Allow more than one MAC authenticated user to log on.
For 802.1X users, perform MAC authentication first and then, if MAC authentication fails, 802.1X
•
authentication. Allow only one 802.1X user to log on.
Use MAC-based user accounts for MAC authentication users. The MAC addresses are hyphen
•
separated and in lower case.
Set the total number of MAC authenticated users and 802.1X authenticated users to 64.
•
Enable NTK to prevent frames from being sent to unknown MAC addresses.
•
Configuration procedure
Configurations on the host and RADIUS servers are not shown.
EAPOL LogOff Packets: 2
EAP Response/Identity Packets : 80
EAP Response/Challenge Packets: 6
Error Packets: 0
VLAN ID
STATE
1
Learned
Figure
41, a client is connected to the Device through GigabitEthernet 1/0/1. The Device
PORT INDEX
GigabitEthernet1/0/1
---
129
AGING TIME(s)
AGING