4
Command Line Interface
Network Access
The Network Access feature controls host access to the network by authenticating
its MAC address on the connected switch port. Traffic received from a specific MAC
address is forwarded by the switch only if the source MAC address is successfully
authenticated by a central RADIUS server. While authentication for a MAC address
is in progress, all traffic is blocked until authentication is completed. On successful
authentication, the RADIUS server may optionally assign VLAN settings for the
switch port.
Command
network-access mode
network-access
max-mac-count
mac-authentication
intrusion-action
mac-authentication
max-mac-count
network-access
dynamic-vlan
network-access guest-vlan
mac-authentication
reauth-time
clear network-access
show network-access
show network-access
mac-address-table
network-access mode
Use this command to enable network access authentication on a port interface. Use
the no form of this command to disable network access authentication.
Syntax
[no] network-access mode mac-authentication
Default Setting
Disabled
Command Mode
Interface Configuration
4-108
MAC Address Authentication
–
Table 4-35 Network Access
Function
Enables MAC authentication on an interface
Sets a maximum for authenticated MAC addresses on an
interface
Determines the port response when a connected host fails
MAC authentication.
Sets a maximum for mac-authentication autenticated
MAC addresses on an interface
Enables dynamic VLAN assignment from a RADIUS
server
Specifies the guest VLAN
Sets the time period after which a connected MAC
address must be re-authenticated
Clears authenticated MAC addresses from the address
table
Displays the MAC authentication settings for port
interfaces
Displays information for entries in the secure MAC
address table
www.digisol.com
Mode
Page
IC
4-108
IC
4-109
IC
4-110
IC
4-110
IC
4-111
IC
4-111
GC
4-112
PE
4-113
PE
4-113
PE
4-114