Chapter 8
| General Security Measures
Network Access (MAC Address Authentication)
– 261 –
MAC Filter : Disabled
Last Intrusion MAC : 00-10-22-00-00-01
Last Time Detected Intrusion MAC : 2010/7/29 15:13:03
Console#
Network Access (MAC Address Authentication)
Network Access authentication controls access to the network by authenticating
the MAC address of each host that attempts to connect to a switch port. Traffic
received from a specific MAC address is forwarded by the switch only if the source
MAC address is successfully authenticated by a central RADIUS server. While
authentication for a MAC address is in progress, all traffic is blocked until
authentication is completed. Once successfully authenticated, the RADIUS server
may optionally assign VLAN and QoS settings for the switch port.
Table 51: Network Access Commands
Command Function Mode
network-access aging Enables MAC address aging GC
network-access mac-filter Adds a MAC address to a filter table GC
mac-authentication reauth-time Sets the time period after which a connected MAC
address must be re-authenticated
GC
network-access dynamic-qos Enables the dynamic quality of service feature IC
network-access dynamic-vlan Enables dynamic VLAN assignment from a RADIUS server IC
network-access guest-vlan Specifies the guest VLAN IC
network-access link-detection Enables the link detection feature IC
network-access link-detection
link-down
Configures the link detection feature to detect and act
upon link-down events
IC
network-access link-detection
link-up
Configures the link detection feature to detect and act
upon link-up events
IC
network-access link-detection
link-up-down
Configures the link detection feature to detect and act
upon both link-up and link-down events
IC
network-access max-mac-count Sets the maximum number of MAC addresses that can be
authenticated on a port via all forms of authentication
IC
network-access mode
mac-authentication
Enables MAC authentication on an interface IC
network-access port-mac-filter Enables the specified MAC address filter IC
mac-authentication
intrusion-action
Determines the port response when a connected host
fails MAC authentication.
IC
mac-authentication
max-mac-count
Sets the maximum number of MAC addresses that can be
authenticated on a port via MAC authentication
IC
clear network-access Clears authenticated MAC addresses from the address
table
PE
show network-access Displays the MAC authentication settings for port
interfaces
PE
To Next Page
Loading...
Need help?
General