C613-50100-01 REV C Command Reference for x930 Series 2137
AlliedWare Plus™ Operating System - Version 5.4.6-1.x
AUTHENTICATION COMMANDS
AUTH
-MAC ENABLE
auth-mac enable
Overview This command enables MAC-based authentication on the interface specified in the
Interface command mode.
Use the no variant of this command to disable MAC-based authentication on an
interface.
Syntax
auth-mac enable
no auth-mac enable
Default MAC-Authentication is disabled by default.
Mode Interface Configuration for a static channel, a dynamic (LACP) channel group, or a
switch port; or Authentication Profile mode.
Usage Enabling spanning-tree edgeport on ports after enabling MAC-based
authentication avoids unnecessary re-authentication when the port state changes,
which does not happen when spanning tree edgeport is enabled. Note that
re-authentication is correct behavior without spanning-tree edgeport enabled.
Applying switchport mode access on ports is also good practice to set the ports
to access mode with ingress filtering turned on, whenever ports for
MAC-Authentication are in a VLAN.
Examples To enable MAC-Authentication on interface port1.0.2 and enable spanning
tree edgeport to avoid unnecessary re-authentication, use the following
commands:
awplus# configure terminal
awplus(config)# interface port1.0.2
awplus(config-if)# auth-mac enable
awplus(config-if)# spanning-tree edgeport
awplus(config-if)# switchport mode access
To disable MAC-Authentication on interface port1.0.2, use the following
commands:
awplus# configure terminal
awplus(config)# interface port1.0.2
awplus(config-if)# no auth-mac enable
To enable MAC authentication on authentication profile ‘student’, use the
commands:
awplus# configure terminal
awplus(config)# auth profile student
awplus(config-auth-profile)# auth-mac enable
To Next Page
Loading...
Need help?
General
