270 CHAPTER 11: 802.1X CONFIGURATION
Table 297 Configuring the ISP Domain used by the Centralized MAC Address
Authentication User
By default, the domain used by the centralized MAC address authentication user is
null, that is, not configured.
Configuring Centralized
MAC Address
Authentication Timers
Centralized MAC address authentication timers include:
Offline-detect: Sets the time interval for the Switch to detect whether the user is
offline. When the Switch detects that the user is offline, it notifies the RADIUS
server immediately, and the server stops charging the user from that address.
Quiet: If the authentication to the user fails, the Switch needs a period of quiet
time (set by the quiet timer) before it re-authenticates. The Switch does not
authenticate during the quiet time.
Server-timeout: During the authentication to the user, if the connection between
the Switch and the RADIUS server times out, the Switch denies the user’s access to
the network on corresponding ports.
Perform the following configuration in System View.
Table 298 Configuring Centralized MAC Address Authentication Timers
By default, the offline-detect time is 300 seconds; quiet time is 60 seconds; and
the server-timeout time is 100 seconds.
Displaying and
Debugging Centralized
MAC Address
Authentication
After the above configuration, perform the display command in any view, you
can view the centralized MAC address authentication running state and check the
configuration result. Perform the
debugging command in User View, you can
debug the centralized MAC address authentication.
Table 299 Displaying and Debugging Centralized MAC Address Authentication
Auto VLAN Auto VLAN uses three return list attributes to dynamically assign VLAN(s) to a port
as the user logs in.
Operation Command
Configure the ISP domain used by the
centralized MAC address authentication user
mac-authentication domain
isp_name
Return to the defaults undo mac-authentication domain
Operation Command
Configure centralized
MAC address
authentication timers
mac-authentication timer { offline-detect
offline_detect_value
| quiet
quiet_value
|
server-timeout
server_timeout_value
}
Return to the defaults undo mac-authentication timer { offline-detect |
quiet | server-timeout }
Operation Command
Display the global information of the
centralized MAC address authentication
display mac-authentication [
interface
interface_list
]
Enable the centralized MAC address
authentication debugging switch
debugging mac-authentication
event
Disable the centralized MAC address
authentication debugging switch
undo debugging
mac-authentication event
To Next Page