105
[Device] mac-authentication user-name-format fixed account aaa password simple 123456
2. Verify the configuration
# Display MAC authentication settings and statistics.
<Device> display mac-authentication
MAC address authentication is enabled.
User name format is fixed account
Fixed username:aaa
Fixed password:******
Offline detect period is 180s
Quiet period is 180s.
Server response timeout value is 100s
The max allowed user number is 1024 per slot
Current user number amounts to 1
Current domain is 2000
Silent Mac User info:
MAC ADDR From Port Port Index
Gigabitethernet1/0/1 is link-up
MAC address authentication is enabled
Authenticate success: 1, failed: 0
Max number of on-line users is 256
Current online user number is 1
MAC ADDR Authenticate state Auth Index
00e0-fc12-3456 MAC_AUTHENTICATOR_SUCCESS 29
# After the user passes authentication, use the display connection command to display the online user
information.
<Device> display connection
Slot: 1
Index=696 , Username=aaa@2000
IP=N/A
IPv6=N/A
MAC=00e0-fc12-3456
Total 1 connection(s) matched on slot 1.
Total 1 connection(s) matched.
ACL assignment configuration example
Network requirements
As shown in Figure 37, a host connects to port GigabitEthernet 1/0/1 on the device and the device
performs RADIUS servers for authentication, authorization, and accounting.
Perform MAC authentication on port GigabitEthernet 1/0/1 to control Internet access. Ensure that an
authenticated user can access the Internet but the FTP server at 10.0.0.1.
Use MAC-based user accounts for MAC authentication users. The MAC addresses are hyphen separated
and in lower case.
To Next Page
Loading...
