Task
Display MAC authentication connections (in
standalone mode).
Display MAC authentication connections (in
IRF mode).
Clear MAC authentication statistics.
Remove users from the MAC authentication
critical VLAN on a port.
Remove users from the MAC authentication
critical voice VLAN on a port.
Remove users from the MAC authentication
guest VLAN on a port.
MAC authentication configuration examples
Local MAC authentication configuration example
Network requirements
As shown in
control Internet access of users.
Configure the device to meet the following requirements:
•
Detect whether a user has gone offline every 180 seconds.
•
Deny a user for 180 seconds if the user fails MAC authentication.
•
Authenticate all users in ISP domain bbb.
•
Use the MAC address of each user as the username and password for authentication. A MAC
address is in the hexadecimal notation with hyphens, and letters are in lower case.
Figure 42 Network diagram
Configuration procedure
# Add a network access local user. In this example, configure both the username and password as
Host A's MAC address 00-e0-fc-12-34-56.
<Device> system-view
[Device] local-user 00-e0-fc-12-34-56 class network
Figure
42, the device performs local MAC authentication on GigabitEthernet 1/0/1 to
Command
display mac-authentication connection [ interface
interface-type interface-number | slot slot-number |
user-mac mac-addr | user-name user-name ]
display mac-authentication connection [ chassis
chassis-number slot slot-number | interface
interface-type interface-number | user-mac mac-addr |
user-name user-name ]
reset mac-authentication statistics [ interface
interface-type interface-number ]
reset mac-authentication critical-vlan interface
interface-type interface-number [ mac-address
mac-address ]
reset mac-authentication critical-voice-vlan interface
interface-type interface-number [ mac-address
mac-address ]
reset mac-authentication guest-vlan interface
interface-type interface-number [ mac-address
mac-address ]
127