Chapter 8
| General Security Measures
Network Access (MAC Address Authentication)
– 222 –
Example
The following example enables port security for port 5, and sets the response to a
security violation to issue a trap message:
Console(config)#interface ethernet 1/5
Console(config-if)#port security action trap
Related Commands
show interfaces status (304)
shutdown (300)
mac-address-table static (362)
Network Access (MAC Address Authentication)
Network Access authentication controls access to the network by authenticating
the MAC address of each host that attempts to connect to a switch port. Traffic
received from a specific MAC address is forwarded by the switch only if the source
MAC address is successfully authenticated by a central RADIUS server. While
authentication for a MAC address is in progress, all traffic is blocked until
authentication is completed. Once successfully authenticated, the RADIUS server
may optionally assign VLAN and QoS settings for the switch port.
Table 47: Network Access Commands
Command Function Mode
network-access aging Enables MAC address aging GC
network-access mac-filter Adds a MAC address to a filter table GC
mac-authentication reauth-time Sets the time period after which a connected MAC
address must be re-authenticated
GC
network-access dynamic-qos Enables the dynamic quality of service feature IC
network-access dynamic-vlan Enables dynamic VLAN assignment from a RADIUS server IC
network-access guest-vlan Specifies the guest VLAN IC
network-access link-detection Enables the link detection feature IC
network-access link-detection
link-down
Configures the link detection feature to detect and act
upon link-down events
IC
network-access link-detection
link-up
Configures the link detection feature to detect and act
upon link-up events
IC
network-access link-detection
link-up-down
Configures the link detection feature to detect and act
upon both link-up and link-down events
IC
network-access max-mac-count Sets the maximum number of MAC addresses that can be
authenticated on a port via all forms of authentication
IC
network-access mode
mac-authentication
Enables MAC authentication on an interface IC
network-access port-mac-filter Enables the specified MAC address filter IC
To Next Page
Loading...
Need help?
General
