Chapter5ServiceConguration
Whentheauthenticationrequestsucceeds,viewtheuserinformationbyusingthe
showclientcommand.
zte(cfg)#showclient
MaxClients:256HistoryAccessClientsTotal:1
OnlineClients:1HistoryFailureClientsTotal:0
Flags:I-Index,Au-Authorized,P-PortId,US-UpSpeed,DS-DownSpeed,Y-yes,N-no
IUserNameAuPVlanMacAddressUSDSElapsedTime
-------------------------------------------------------------------
0liushujieY2100.19.e0.1a.97.dd000:0:0:22
5.19MACAuthenticationConguration
MACAuthenticationOverview
Oncurrentnetworks,manydevices(suchasIPphonesandprinters)donotsupportthe
authenticationclient.Whenconnectedtonetworks,thedevicescannotinitiateD0T1X
authentication.
MACauthenticationmeansthat,withaMACaddresssegmentconguredonadevice,
whenthedevicedetectsthataMACaddressbelongstotheaddresssegment,aswitch
agentinitiatesauthentication.Theuser'sMACaddressisusedasausernameand
password.IfaRADIUSserverreturnsamessageindicatingthattheauthentication
succeeded,thedevicecanaccessthenetwork.
ConguringMACAuthentication
TheMACauthenticationcongurationincludesthefollowingcommands:
CommandFunction
zte(cfg-nas)#aaa-controlmac-authentication{enable|disable}EnablesordisablestheMAC
authenticationfunction.
zte(cfg-nas)#aaa-controlmac-authenticationsession<1-3>
range<HH.HH.HH.HH.HH.HH><HH.HH.HH.HH.HH.HH>
AddstherangeofMACaddresses
thatneedauthenticationinunitof
session.
zte(cfg-nas)#clearmac-authenticationsession<1-3>ClearstherangeofMAC
addressesinunitofsession.
zte(cfg-nas)#clearmac-authenticationclientClearsallclientswithauthenticated
MACaddresses.
zte(cfg-nas)#clearmac-authenticationclientmac
<HH.HH.HH.HH.HH.HH>
ClearsaspecicMAC
authenticationclient.
zte(cfg-nas)#clearmac-authenticationclient{port<portlist>|
vlan<vlanlist>}
Clearsclientsonaspecicportor
inaspecicVLAN.
5-79
SJ-20130731155059-002|2013-11-27(R1.0)ZTEProprietaryandCondential
To Next Page
Loading...
