ZyWALL Series CLI Reference Guide
452
50.2.4.1 MAC Auth Example
This example uses an external server to authenticate wireless clients by MAC address. After
authentication the Zyxel Device maps the wireless client to a mac-address user account (MAC role).
Configure user-aware features to control MAC address user access to network services.
The following commands:
• Create a MAC role (mac-address user type user account) named Zyxel-mac
• Map a wireless client’s MAC address of 00:13:49:11:a0:c4 to the Zyxel-mac MAC role (MAC address
user account)
• Modify the WLAN security profile named secureWLAN1 as follows:
• Turn on MAC authentication
• Use the authentication method named Auth1
• Use colons to separate the two-character pairs within account MAC addresses
[no] mac-auth database mac oui type ext-oui
mac-role mac-users description description
Maps the specified OUI (Organizationally
Unique Identifier) authenticated by an external
server to the specified MAC role. The MAC role is
a MAC address user account. The MAC address
you set here will be mapped to the MAC
address user account. When a WiFi client
connects to the Zyxel Device, the Zyxel Device
will check the WiFi client MAC address to see if
the WiFi client MAC address has been mapped
with the MAC address user account.
The OUI is the first three octets in a MAC address
and uniquely identifies the manufacturer of a
network device.
The
no command deletes the mapping
between the OUI and the MAC role.
[no] mac-auth database mac oui type int-oui
mac-role mac-users description description
Maps the specified OUI (Organizationally
Unique Identifier) authenticated by the Zyxel
Device’s local user database to the specified
MAC role. The MAC role is a MAC address user
account. The MAC address you set here will be
mapped to the MAC address user account.
When a WiFi client connects to the Zyxel Device,
the Zyxel Device will check the WiFi client MAC
address to see if the WiFi client MAC address has
been mapped with the MAC address user
account.
The OUI is the first three octets in a MAC address
and uniquely identifies the manufacturer of a
network device.
The
no command deletes the mapping
between the OUI and the MAC role.
Table 254 MAC-Auth Commands Summary (continued)
COMMAND DESCRIPTION
To Next Page
Loading...
