3Com 4510G Configuration Manual page 623

[Device-isp-2000] accounting default radius-scheme 2000
[Device-isp-2000] quit
# Enable MAC authentication globally.
[Device] mac-authentication
# Enable MAC authentication for port GigabitEthernet 1/0/1.
[Device] mac-authentication interface GigabitEthernet 1/0/1
# Specify the ISP domain for MAC authentication.
[Device] mac-authentication domain 2000
# Set the MAC authentication timers.
[Device] mac-authentication timer offline-detect 180
[Device] mac-authentication timer quiet 180
# Specify to use the username aaa and password 123456 for MAC authentication of all users.
[Device] mac-authentication user-name-format fixed account aaa password simple 123456
2) Verify the configuration
# Display global MAC authentication information.
<Device> display mac-authentication
MAC address authentication is enabled.
User name format is fixed account
Fixed username:aaa
Fixed password:123456
Offline detect period is 180s
Quiet period is 180s.
Server response timeout value is 100s
The max allowed user number is 1024 per slot
Current user number amounts to 1
Current domain is 2000
Silent Mac User info:
MAC Addr
GigabitEthernet1/0/1 is link-up
MAC address authentication is enabled
Authenticate success: 1, failed: 0
Current online user number is 1
MAC Addr
00e0-fc12-3456
ACL Assignment Configuration Example
Network requirements
As shown in Figure
MAC authentication to access the Internet.
Specify to use the MAC address of a user as the username and password for MAC authentication
of the user.
Configure the RADIUS server to assign ACL 3000.
From Port
Authenticate state
MAC_AUTHENTICATOR_SUCCESS
5-3, a host is connected to port GigabitEthernet 1/0/1 of the switch and must pass
Port Index
Auth Index
29
5-7