To do...
Configure the username
and password for MAC
authentication
Set the maximum number
of concurrent MAC
authentication users
allowed on a port
You can configure MAC authentication for ports first. However, the configuration takes effect only
after you enable MAC authentication globally.
Enabling MAC authentication on a port is mutually exclusive with adding the port to an aggregation
group and adding the port to a service loopback group.
For details about the default ISP domain, refer to AAA Configuration in the Security Volume.
Displaying and Maintaining MAC Authentication
To do...
Display the global MAC
authentication information or
the MAC authentication
information about specified
ports
Clear the MAC authentication
statistics
MAC Authentication Configuration Examples
Local MAC Authentication Configuration Example
Network requirements
As illustrated in
Local MAC authentication is required on every port to control user access to the Internet.
All users belong to domain aabbcc.net.
Local users use their MAC addresses as the usernames and passwords for authentication.
Set the offline detect timer to 180 seconds and the quiet timer to 3 minutes.
Use the command...
mac-authentication
user-name-format { fixed
[ account name ] [ password
{ cipher | simple } password ] |
mac-address [ { with-hyphen |
without-hyphen } [ lowercase |
uppercase ] ] }
interface interface-type
interface-number
mac-authentication max-user
user-number
display mac-authentication
[ interface interface-list ]
reset mac-authentication
statistics [ interface
interface-list ]
Figure
1-1, a supplicant is connected to the device through port GigabitEthernet 2/0/1.
Use the command...
1-4
Remarks
Optional
By default, the user's source
MAC address (in lower case)
with "-" serves as the username
and password.
Optional
By default, the maximum
number allowed on a port is
1024.
Remarks
Available in any view
Available in user view