Optional) Enabling Mac Bypass Authentication - Huawei Quidway S3700 Series Configuration Manual
Hide thumbs
Also See for Quidway S3700 Series:
- Configuration manual (398 pages) ,
- Quick start manual (70 pages) ,
- Manual (69 pages)
Table of Contents
Advertisement
Quidway S3700 Series Ethernet Switches
Configuration Guide - Security
----End
2.4.4 (Optional) Enabling MAC Bypass Authentication
Context
The 802.1x client software cannot be installed or used on some special terminals, such as printers.
In this case, the MAC bypass authentication can be adopted.
If 802.1x authentication on the terminal fails, the access device sends the user name and
password, namely, the MAC address of the terminal, to the RADIUS server for authentication.
This process is MAC address bypass authentication.
You can configure MAC address bypass authentication in the following ways.
Procedure
l
l
Issue 01 (2011-07-15)
interface interface-type interface-number
The interface view is displayed.
3.
Run:
dot1x enable
802.1x authentication is enabled on the interface.
If there are online users who log in through 802.1x authentication, disabling 802.1x
authentication is prohibited.
In the system view:
1.
Run:
system-view
The system view is displayed.
2.
Run:
dot1x mac-bypass interface { interface-type interface-number1 [ to
interface-number2 ] } &<1-10>
MAC bypass authentication is enabled on interfaces.
You can configure MAC address bypass authentication on interfaces in batches by
specifying the interface list in the dot1x mac-bypass command in the system view.
In the interface view:
1.
Run:
system-view
The system view is displayed.
2.
Run:
interface interface-type interface-number
The interface view is displayed.
3.
Run:
dot1x mac-bypass
MAC address bypass authentication is enabled on the interface.
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
2 NAC Configuration
57
Advertisement
Table of Contents
