144
Periodic reauthentication is disabled
The port is an authenticator
Authentication Mode is Auto
Port Control Type is Mac-based
802.1X Multicast-trigger is enabled
Mandatory authentication domain: NOT configured
Guest VLAN: NOT configured
Auth-Fail VLAN: NOT configured
Critical VLAN: NOT configured
Critical recovery-action: NOT configured
Max number of on-line users is 256
EAPOL Packet: Tx 16331, Rx 102
Sent EAP Request/Identity Packets : 16316
EAP Request/Challenge Packets: 6
EAP Success Packets: 4, Fail Packets: 5
Received EAPOL Start Packets : 6
EAPOL LogOff Packets: 2
EAP Response/Identity Packets : 80
EAP Response/Challenge Packets: 6
Error Packets: 0
1. Authenticated user : MAC address: 0002-0000-0011
Controlled User(s) amount to 1
In addition, the port allows an additional user whose MAC address has an OUI among the specified
OUIs to access the port.
# Display MAC address information for interface Ethernet 1/1.
<Device> display mac-address interface ethernet 1/1
MAC ADDR VLAN ID STATE PORT INDEX AGING TIME(s)
1234-0300-0011 1 Learned Ethernet1/1 AGING
--- 1 mac address(es) found ---
Configuring the macAddressElseUserLoginSecure mode
Network requirements
As shown in Figure 51, a client is connected to the Device through Ethernet 1/1. The Device
authenticates the client by a RADIUS server. If the authentication succeeds, the client is authorized
to access the Internet.
Restrict port Ethernet 1/1 of the Device:
• Allow more than one MAC authenticated user to log on.
• For 802.1X users, perform MAC authentication first and then, if MAC authentication fails,
802.1X authentication. Allow only one 802.1X user to log on.
• Use the hyphenated, lowercased MAC address of a user as both the username and password
for MAC authentication of the user.
• Set the total number of MAC authenticated users and 802.1X authenticated users to 64.
• Enable NTK to prevent frames from being sent to unknown MAC addresses.
To Next Page
Loading...
Need help?
General
