C
HAPTER
25
| General Security Measures
Network Access (MAC Address Authentication)
– 643 –
COMMAND MODE
Global Configuration
COMMAND USAGE
◆ Specified addresses are exempt from network access authentication.
◆ This command is different from configuring static addresses with the
mac-address-table static command in that it allows you configure a
range of addresses when using a mask, and then to assign these
addresses to one or more ports with the network-access port-mac-filter
command.
◆ Up to 64 filter tables can be defined.
◆ There is no limitation on the number of entries that can entered in a
filter table.
EXAMPLE
Console(config)#network-access mac-filter 1 mac-address 11-22-33-44-55-66
Console(config)#
mac-authentication
reauth-time
Use this command to set the time period after which a connected MAC
address must be re-authenticated. Use the no form of this command to
restore the default value.
SYNTAX
mac-authentication reauth-time seconds
no mac-authentication reauth-time
seconds - The reauthentication time period.
(Range: 120-1000000 seconds)
DEFAULT SETTING
1800
COMMAND MODE
Global Configuration
COMMAND USAGE
◆ The reauthentication time is a global setting and applies to all ports.
◆ When the reauthentication time expires for a secure MAC address it is
reauthenticated with the RADIUS server. During the reauthentication
process traffic through the port remains unaffected.
EXAMPLE
Console(config)#mac-authentication reauth-time 300
Console(config)#
To Next Page
Loading...
