Brocade BigIron RX Series Configuration Guide User Manual
Page 29
BigIron RX Series Configuration Guide
xxix
53-1002484-04
Configuring Multi-Device Port Authentication
How multi-device port authentication works. . . . . . . . . . . . . . . . 1005
RADIUS authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1005
Authentication-failure actions . . . . . . . . . . . . . . . . . . . . . . . . 1006
Supported RADIUS attributes . . . . . . . . . . . . . . . . . . . . . . . . 1006
Dynamic VLAN and ACL assignments. . . . . . . . . . . . . . . . . . 1006
Support for authenticating multiple MAC addresses
on an interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1007
Support for multi-device port authentication and 802.1x
on the same interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1007
Configuring multi-device port authentication . . . . . . . . . . . . . . . .1007
Enabling multi-device port authentication . . . . . . . . . . . . . . 1008
Configuring an authentication method list for 802.1x . . . . 1008
Setting RADIUS parameters . . . . . . . . . . . . . . . . . . . . . . . . . 1008
Specifying the format of the MAC addresses sent to the
RADIUS server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1009
Specifying the authentication-failure action . . . . . . . . . . . . 1009
Defining MAC address filters. . . . . . . . . . . . . . . . . . . . . . . . . .1010
Configuring dynamic VLAN assignment . . . . . . . . . . . . . . . . .1011
Specifying to which VLAN a port is moved after its
RADIUS-specified VLAN assignment expires . . . . . . . . . . . . .1014
Saving dynamic VLAN assignments to the running
configuration file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1014
Clearing authenticated MAC addresses . . . . . . . . . . . . . . . . .1015
Disabling aging for authenticated MAC addresses . . . . . . . .1015
Specifying the aging time for blocked MAC addresses . . . . .1016
Displaying multi-device port authentication information . . . . . . .1016
Displaying authenticated MAC address information . . . . . . .1017
Displaying multi-device port authentication configuration
information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1017
Displaying multi-device port authentication information for
a specific MAC address or port . . . . . . . . . . . . . . . . . . . . . . . 1020
Displaying the authenticated MAC addresses . . . . . . . . . . . .1021
Displaying the non-authenticated MAC addresses . . . . . . . .1021
Example configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1021
Multi-device port authentication with dynamic
VLAN assignment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1022
Examples of multi-device port authentication and 802.1X
authentication configuration on the same port. . . . . . . . . . .1024
Using the MAC Port Security Feature and Transparent Port Flooding
Overview of MAC port security . . . . . . . . . . . . . . . . . . . . . . . . . . . 1029
Violation actions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1029
Local and global resources . . . . . . . . . . . . . . . . . . . . . . . . . . 1030