C
HAPTER
24
| General Security Measures
Network Access (MAC Address Authentication)
– 678 –
EXAMPLE
Console#show network-access interface ethernet 1/1
Global secure port information
Reauthentication Time : 1800
MAC address Aging : Disabled
Port : 1/1
MAC Authentication : Disabled
MAC Authentication Intrusion action : Block traffic
MAC Authentication Maximum MAC Counts : 1024
Maximum MAC Counts : 2048
Dynamic VLAN Assignment : Enabled
Dynamic QoS Assignment : Disabled
MAC Filter ID : Disabled
Guest VLAN : Disabled
Link Detection : Disabled
Detection Mode : Link-down
Detection Action : Trap
Console#
show
network-access
mac-address-table
Use this command to display secure MAC address table entries.
SYNTAX
show network-access mac-address-table [static | dynamic]
[address mac-address [mask]] [interface interface]
[sort {address | interface}]
static - Specifies static address entries.
dynamic - Specifies dynamic address entries.
mac-address - Specifies a MAC address entry.
(Format: xx-xx-xx-xx-xx-xx)
mask - Specifies a MAC address bit mask for filtering displayed
addresses.
interface - Specifies a port interface.
ethernet unit/port
unit - Unit identifier. (Range: 1)
port - Port number. (Range: 1-26)
sort - Sorts displayed entries by either MAC address or interface.
DEFAULT SETTING
Displays all filters.
COMMAND MODE
Privileged Exec
COMMAND USAGE
When using a bit mask to filter displayed MAC addresses, a 1 means “care”
and a 0 means “don't care”. For example, a MAC of 00-00-01-02-03-04 and
mask FF-FF-FF-00-00-00 would result in all MACs in the range 00-00-01-
To Next Page
Loading...
Need help?
General