[Device] mac-authentication
Verifying the configuration
# Verify the MAC authentication configuration.
[Device] display mac-authentication
Global MAC authentication parameters:
MAC authentication
Username format
Offline detect period
Quiet period
Server timeout
Authentication domain
Max MAC-auth users
Online MAC-auth users
Silent MAC users:
MAC address
FortyGigE1/1/1
MAC authentication
Carry User-IP
Authentication domain
Auth-delay timer
Re-auth server-unreachable : Logoff
Guest VLAN
Guest VLAN auth-period
Critical VLAN
Critical voice VLAN
Host mode
Offline detection
Authentication order
Max online users
Authentication attempts
Current online users
MAC address
00e0-fc12-3456
ACL assignment configuration example
Network requirements
As shown in
•
Use RADIUS servers to perform authentication, authorization, and accounting for users.
•
Perform MAC authentication on port FortyGigE 1/1/1 to control Internet access.
•
Use MAC-based user accounts for MAC authentication users. Each MAC address is in the
hexadecimal notation with hyphens, and letters are in lower case.
•
Use an ACL to deny authenticated users to access the FTP server at 10.0.0.1.
: Enabled
: Fixed account
Username
: aaa
Password
: ******
: 180 s
: 180 s
: 100 s
: bbb
: 4294967295 per slot
: 1
VLAN ID
is link-up
Auth state
Authenticated
Figure
37, configure the device to meet the following requirements:
From port
: Enabled
: Disabled
: Not configured
: Disabled
: Not configured
: 30 s
: Not configured
: Disabled
: Single VLAN
: Enabled
: Default
: 4294967295
: successful 1, failed 0
: 1
119
Port index