C
HAPTER
25
| General Security Measures
Network Access (MAC Address Authentication)
– 666 –
EXAMPLE
Console#show network-access interface ethernet 1/1
Global secure port information
Reauthentication Time : 1800
--------------------------------------------------
--------------------------------------------------
Port : 1/1
MAC Authentication : Disabled
MAC Authentication Intrusion action : Block traffic
MAC Authentication Maximum MAC Counts : 1024
Maximum MAC Counts : 2048
Dynamic VLAN Assignment : Enabled
Guest VLAN : Disabled
Console#
show network-
access mac-
address-table
Use this command to display secure MAC address table entries.
SYNTAX
show network-access mac-address-table [static | dynamic]
[address mac-address [mask]] [interface interface]
[sort {address | interface}]
static - Specifies static address entries.
dynamic - Specifies dynamic address entries.
mac-address - Specifies a MAC address entry.
(Format: xx-xx-xx-xx-xx-xx)
mask - Specifies a MAC address bit mask for filtering displayed
addresses.
interface - Specifies a port interface.
ethernet unit/port
unit - Unit identifier. (Range: 1)
port - Port number. (Range: 1-10)
sort - Sorts displayed entries by either MAC address or interface.
DEFAULT SETTING
Displays all filters.
COMMAND MODE
Privileged Exec
COMMAND USAGE
When using a bit mask to filter displayed MAC addresses, a 1 means “care”
and a 0 means “don't care”. For example, a MAC of 00-00-01-02-03-04 and
mask FF-FF-FF-00-00-00 would result in all MACs in the range 00-00-01-
00-00-00 to 00-00-01-FF-FF-FF to be displayed. All other MACs would be
filtered out.
To Next Page
Loading...
Need help?
General