742
C
52: MAC A
HAPTER
Displaying and
Maintaining MAC
Authentication
MAC Authentication
Configuration
Examples
Local MAC
Authentication
Configuration Example
C
UTHENTICATION
ONFIGURATION
You can neither add a MAC authentication enabled port into an aggregation
■
group, nor enable MAC authentication on a port added into an aggregation
group.
To do...
Display the global MAC
authentication information or the
MAC authentication information
about specified ports
Clear the MAC authentication
statistics
Network requirements
As illustrated in Figure 224, a supplicant is connected to the device through port
GigabitEthernet 1/0/1.
Local MAC authentication is required on every port to control user access to
■
the Internet.
All users belong to domain aabbcc.net.
■
A local user uses aaa as the username and 123456 as the password for
■
authentication.
Set the offline detect timer to 180 seconds and the quiet timer to 3 minutes.
■
Network Diagram
Figure 224 Network diagram for local MAC authentication
Supplicant
GE1/0/1
Host
Configuration Procedure
1 Configure MAC authentication on the switch.
# Add a local user.
<Sysname> system-view
[Sysname] local-user aaa
[Sysname-luser-aaa] password simple 123456
[Sysname-luser-aaa] service-type lan-access
[Sysname-luser-aaa] quit
# Configure ISP domain aabbcc.net, and specify to perform local authentication.
Use the command...
display mac-authentication
[ interface interface-list ]
reset mac-authentication
statistics [ interface interface-list ]
Authenticator
Switch
IP network
Remarks
Available in any
view
Available in user
view