HP FlexFabric 5700 Series Security Configuration Manual page 124

Configuration procedure
# Add a network access local user. In this example, configure both the username and password as Host
A's MAC address 00-e0-fc- 1 2-34-56.
<Device> system-view
[Device] local-user 00-e0-fc-12-34-56 class network
[Device-luser-network-00-e0-fc-12-34-56] password simple 00-e0-fc-12-34-56
# Specify the LAN access service for the user.
[Device-luser-network-00-e0-fc-12-34-56] service-type lan-access
[Device-luser-network-00-e0-fc-12-34-56] quit
# Configure ISP domain bbb to perform local authentication for LAN users.
[Device] domain bbb
[Device-isp-bbb] authentication lan-access local
[Device-isp-bbb] quit
# Enable MAC authentication on port Ten-GigabitEthernet 1/0/1.
[Device] interface ten-gigabitethernet 1/0/1
[Device-Ten-GigabitEthernet1/0/1] mac-authentication
[Device-Ten-GigabitEthernet1/0/1] quit
# Specify the MAC authentication domain as the ISP domain bbb.
[Device] mac-authentication domain bbb
# Configure MAC authentication timers.
[Device] mac-authentication timer offline-detect 180
[Device] mac-authentication timer quiet 180
# Configure MAC authentication to use MAC-based accounts. Each MAC address is in the hexadecimal
notation with hyphens, and letters are in lower case.
[Device] mac-authentication user-name-format mac-address with-hyphen lowercase
# Enable MAC authentication globally.
[Device] mac-authentication
Verifying the configuration
# Display MAC authentication settings and statistics to verify your configuration.
[Device] display mac-authentication
Global MAC authentication parameters:
MAC authentication
User name format
Offline detect period
Quiet period
Server timeout
Authentication domain
Max MAC-auth users
Online MAC-auth users
Silent MAC users:
: Enabled
: MAC address in lowercase(xx-xx-xx-xx-xx-xx)
Username : mac
Password : Not configured
: 180 s
: 180 s
: 100 s
: bbb
: 4294967295 per slot
: 1
MAC address VLAN ID
00e0-fc11-1111 8
From port
Ten-GigabitEthernet1/0/1
112
Port index
1