Configuring multi-device port authentication, Enabling multi-device port authentication, Configuring multi-device port authentication 3 – Brocade TurboIron 24X Series Configuration Guide User Manual
Page 1037: Globally enabling multi-device port authentication
Brocade TurboIron 24X Series Configuration Guide
1003
53-1003053-01
Configuring multi-device port authentication
If neither of these VSAs exist in a device profile on the RADIUS server, then by default the device is
subject to multi-device port authentication (if configured), then 802.1X authentication (if
configured). The RADIUS record can be used for both multi-device port authentication and 802.1X
authentication.
Configuring multi-device port authentication
Configuring multi-device port authentication on the device consists of the following tasks:
•
Enabling multi-device port authentication globally and on individual interfaces
•
Specifying the format of the MAC addresses sent to the RADIUS server (optional)
•
Specifying the authentication-failure action (optional)
•
Enabling and disabling SNMP traps for multi-device port authentication
•
Defining MAC address filters (optional)
•
Configuring dynamic VLAN assignment (optional)
•
Dynamically Applying IP ACLs to authenticated MAC addresses
•
Enabling denial of service attack protection (optional)
•
Clearing authenticated MAC addresses (optional)
•
Disabling aging for authenticated MAC addresses (optional)
•
Configuring the hardware aging period for blocked MAC addresses
•
Specifying the aging time for blocked MAC addresses (optional)
Enabling multi-device port authentication
To enable multi-device port authentication, you first enable the feature globally on the device. On
some devices, you can then enable the feature on individual interfaces.
Globally enabling multi-device port authentication
To globally enable multi-device port authentication on the device, enter the following command.
TurboIron(config)#mac-authentication enable
Syntax: [no] mac-authentication enable
Enabling multi-device port authentication on an interface
To enable multi-device port authentication on an individual interface, enter a command such as the
following.
TurboIron(config)#mac-authentication enable ethernet 1
Syntax: [no] mac-authentication enable <portnum> | all
The <portnum> parameter is a valid port number.
The all option enables the feature on all interfaces at once.
You can enable the feature on an interface at the interface CONFIG level.