EasyManua.ls Logo

Alcatel-Lucent AOS-W 6.5.3.x - MAC-Based Authentication; Configuring MAC-Based Authentication

Alcatel-Lucent AOS-W 6.5.3.x
1160 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
AOS-W 6.5.3.x | User Guide MAC-based Authentication | 212
Chapter 9
MAC-based Authentication
This chapter describes how to configure MAC-based authentication on the Alcatel-Lucent switch using the
WebUI.
Use MAC-based authentication to authenticate devices based on their physical media access control (MAC)
address. Although this not the most secure and scalable method, MAC-based authentication implicitly provides
an addition layer of security to authenticate devices. MAC-based authentication is often used to authenticate
and allow network access through certain devices while denying access to the rest. For example, if clients are
allowed access to the network through station A, then one method of authenticating station A is MAC-based.
Clients may be required to authenticate themselves using other methods depending on the network privileges
required.
MAC-based authentication can also be used to authenticate Wi-Fi phones as an additional layer of security to
prevent other devices from accessing the voice network using what is normally an insecure SSID.
This chapter describes the following topics:
n Configuring MAC-Based Authentication on page 212
n Configuring Clients on page 213
Configuring MAC-Based Authentication
Before configuring MAC-based authentication, you must configure the following options:
n User role—The user role that will be assigned as the default role for the MAC-based authenticated clients.
(See Roles and Policies on page 375 for information on firewall policies to configure roles.)
Configure the default user role for MAC-based authentication in the AAA profile. If derivation rules exist or if
the client configuration in the internal database has a role assigned, these values take precedence over the
default user role.
n Authentication server group—The authentication server group that the switch uses to validate the clients.
The internal database can be used to configure the clients for MAC-based authentication. See Configuring
Clients on page 213 for information on configuring the clients on the local database. For information on
configuring authentication servers and server groups, see Authentication Servers on page 178.
Configuring the MAC Authentication Profile
Table 54 describes the parameters you can configure for MAC-based authentication.

Table of Contents