Table of Contents
Advertisement
Offline detect period
Quiet period
Server timeout
Authentication domain
Max MAC-auth users
Online MAC-auth users
Silent MAC users:
FortyGigE1/1/1
MAC authentication
Carry User-IP
Authentication domain
Auth-delay timer
Re-auth server-unreachable : Logoff
Guest VLAN
Guest VLAN auth-period
Critical VLAN
Critical voice VLAN
Host mode
Offline detection
Authentication order
Max online users
Authentication attempts
Current online users
The output shows that Host A has passed MAC authentication and has come online. Host B failed
MAC authentication and its MAC address is marked as a silent MAC address.
RADIUS-based MAC authentication configuration example
Network requirements
As shown in
and accounting for users.
To control user access to the Internet by MAC authentication, perform the following tasks:
•
Enable MAC authentication globally and on port FortyGigE 1/1/1.
•
Configure the device to detect whether a user has gone offline every 180 seconds.
•
Configure the device to deny a user for 180 seconds if the user fails MAC authentication.
•
Configure all users to belong to the ISP domain bbb.
•
Use a shared user account for all users, with the username aaa and password 123456.
Password
: Not configured
: 180 s
: 180 s
: 100 s
: bbb
: 4294967295 per slot
: 1
MAC address
VLAN ID
00e0-fc11-1111
8
is link-up
MAC address
Auth state
00e0-fc12-3456
Authenticated
Figure
36, the device uses RADIUS servers to perform authentication, authorization,
From port
FortyGigE1/1/1
: Enabled
: Disabled
: Not configured
: Disabled
: Not configured
: 30 s
: Not configured
: Disabled
: Single VLAN
: Enabled
: Default
: 4294967295
: successful 1, failed 0
: 1
117
Port index
1
Advertisement
Table of Contents
Troubleshooting
