C
HAPTER
24
| General Security Measures
Network Access (MAC Address Authentication)
– 873 –
well as to any secure MAC addresses authenticated by 802.1X,
regardless of the 802.1X Operation Mode (Single-Host, Multi-Host, or
MAC-Based authentication as described on page 844).
◆ The maximum number of secure MAC addresses supported for the
switch system is 1024.
EXAMPLE
Console(config-if)#network-access aging
Console(config-if)#
network-access
mac-filter
Use this command to add a MAC address into a filter table. Use the no
form of this command to remove the specified MAC address.
SYNTAX
[no] network-access mac-filter filter-id
mac-address mac-address [mask mask-address]
filter-id - Specifies a MAC address filter table. (Range: 1-64)
mac-address - Specifies a MAC address entry.
(Format: xx-xx-xx-xx-xx-xx)
mask - Specifies a MAC address bit mask for a range of addresses.
DEFAULT SETTING
Disabled
COMMAND MODE
Global Configuration
COMMAND USAGE
◆ Specified addresses are exempt from network access authentication.
◆ This command is different from configuring static addresses with the
mac-address-table static command in that it allows you configure a
range of addresses when using a mask, and then to assign these
addresses to one or more ports with the network-access port-mac-filter
command.
◆ Up to 64 filter tables can be defined.
◆ There is no limitation on the number of entries that can entered in a
filter table.
EXAMPLE
Console(config)#network-access mac-filter 1 mac-address 11-22-33-44-55-66
Console(config)#
To Next Page
Loading...
