3 configuring mac authentication, Configuring mac authentication -30, Nfigure mac authentication, refer to – Enterasys Networks 1G58x-09 User Manual

Page 712: Section 14.3.3, Cation, 3 configuring mac authentication purpose, Commands

Advertising
background image

Security Configuration Command Set

Configuring MAC Authentication

14-30

Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide

Examples

This example shows how to enable EAPOL:

This example shows how to enable EAPOL with forced unauthorized mode on Fast Ethernet front
panel port 1:

14.3.3 Configuring MAC Authentication

Purpose

To review, disable, enable and configure MAC authentication. This allows the device to
authenticate source MAC addresses in an exchange with an authentication server. The authenticator
(switch) selects a source MAC seen on a MAC-authentication enabled port and submits it to a
backend client for authentication. The backend client uses the MAC address stored password, if
required, as credentials for an authentication attempt. If accepted, a string representing an access
policy may be returned. If present, the switch applies the associated policy rules. For an overview
on working with MAC authentication, refer to

Section 14.4.2

.

Commands

The commands needed to review, enable, disable, and configure MAC authentication are listed
below and described in the associated section as shown:

show macauthentication (

Section 14.3.3.1

)

show macauthentication session (

Section 14.3.3.2

)

set macauthentication (

Section 14.3.3.3

)

Matrix>set eapol enable

Matrix>set eapol auth-mode forced-unauthorized fe.0.1

NOTES: When both 802.1X (EAPOL) and MAC authentication are enabled on the
same Matrix E1 device, the switch enforces a precedence relationship between MAC
authentication and 802.1X methods. For more information on these precedence rules,
refer to

Section 14.4.3.2

.

The Matrix E1 MAC authentication commands have no direct interdependencies with
the MAC locking commands described in

Section 14.3.4

. When a frame arrives at a

port, the Matrix E1 device runs the MAC locking algorithm first. If the frame passes the
MAC lock (i.e., it is not in violation), then the frame is eligible for authentication.

Advertising
This manual is related to the following products:

1H582-xx, E1 Series

Popular Brands
Popular manuals