408
Configuring MAC authentication on a port
1. From the navigation tree, select Authentication > MAC Authentication.
2. In the Ports With MAC Authentication Enabled area, click Add.
Figure 389 Configuring MAC authentication on a port
3. Configure MAC authentication for a port as described in Table 126, and then click Apply.
Table 126 Configuration items
Item Descri
Port Selects a port on which you want to enable MAC authentication.
Enable MAC VLAN
Specifies whether to enable MAC-based VLAN on the port.
IMPORTANT:
You can enable MAC authentication only on hybrid ports.
Auth-Fail VLAN
Specifies an existing VLAN as the MAC authentication Auth-Fail VLAN.
IMPORTANT:
• The MAC authentication Auth-Fail VLAN has a lower priority than the
802.1X guest VLAN on a port that performs MAC-based access
control. If a user fails both types of authentication, the access port
adds the user to the 802.1X guest VLAN. For more information about
802.1X guest VLANs, see "Configuring 802.1X."
• The MAC authentication Auth-Fail VLAN function has higher priority
than the quiet function of MAC authentication.
• The MAC authentication Auth-Fail VLAN function has higher priority
than the block MAC action, but it has lower priority than the shutdown
port action of the port intrusion protection feature. For more
information about port intrusion protection, see "Configuring port
se
curity."
MAC authentication configuration examples
Local MAC authentication configuration example
Network requirements
As shown in Figure 390, configure local MAC authentication on port GigabitEthernet 1/0/1 to control
Internet access, as follows:
To Next Page
Loading...
Need help?
General
