742 CHAPTER 52: MAC AUTHENTICATION CONFIGURATION
■ You can neither add a MAC authentication enabled port into an aggregation
group, nor enable MAC authentication on a port added into an aggregation
group.
Displaying and
Maintaining MAC
Authentication
MAC Authentication
Configuration
Examples
Local MAC
Authentication
Configuration Example
Network requirements
As illustrated in Figure 224, a supplicant is connected to the device through port
GigabitEthernet 1/0/1.
■ Local MAC authentication is required on every port to control user access to
the Internet.
■ All users belong to domain aabbcc.net.
■ A local user uses aaa as the username and 123456 as the password for
authentication.
■ Set the offline detect timer to 180 seconds and the quiet timer to 3 minutes.
Network Diagram
Figure 224 Network diagram for local MAC authentication
Configuration Procedure
1 Configure MAC authentication on the switch.
# Add a local user.
<Sysname> system-view
[Sysname] local-user aaa
[Sysname-luser-aaa] password simple 123456
[Sysname-luser-aaa] service-type lan-access
[Sysname-luser-aaa] quit
# Configure ISP domain aabbcc.net, and specify to perform local authentication.
To do… Use the command… Remarks
Display the global MAC
authentication information or the
MAC authentication information
about specified ports
display mac-authentication
[ interface interface-list ]
Available in any
view
Clear the MAC authentication
statistics
reset mac-authentication
statistics [ interface interface-list ]
Available in user
view
IP network
GE1/0/1
Switch
Supplicant
Authenticator
Host
To Next Page
Loading...
