Configuring mac-based vlan for a dynamic host, Configuring dynamic mac-based vlan – Brocade Communications Systems Brocade ICX 6650 6650 User Manual

Page 240

Advertising
background image

220

Brocade ICX 6650 Security Configuration Guide

53-1002601-01

MAC-based VLAN configuration

6. To remove and disable the MAC-based VLAN configuration.

Brocade(config)# interface ethernet 1/1/1
Brocade(config-if-e10000-1/1/1)# no mac-auth mac-vlan

Configuring MAC-based VLAN for a dynamic host

Follow the steps given below to configure MAC-based VLAN for a dynamic host.

1. Enable multi-device port authentication globally using the following command.

Brocade(config)# mac-authentication enable

2. Add each port on which you want MAC-based VLAN enabled as mac-vlan-permit for a specific

VLAN.

Brocade(config)# vlan 10 by port
Brocade(config-vlan-10)# mac-vlan-permit ethernet 1/1/1 to 1/1/6

3. Enable MAC-based VLAN on the port.

Brocade(config)# interface ethernet 1/1/1
Brocade(config-if-e10000-1/1/1)# mac-authentication mac-vlan enable

4. Disable MAC-based VLAN on the port.

Brocade(config)# interface ethernet 1/1/1
Brocade(config-if-e10000-1/1/1)# mac-auth mac-vlan disable

5. Remove and disable the MAC-based VLAN configuration.

Brocade(config)# interface ethernet 1/1/1
Brocade(config-if-e10000-1/1/1)# no mac-auth mac-vlan

Configuring dynamic MAC-based VLAN

To globally enable MAC-based VLAN globally (for all MAC-based VLAN ports), enter the following
commands.

Brocade(config)# mac-authentication enable
Brocade(config)# mac-authentication mac-vlan-dyn-activation

To configure Dynamic MAC-based VLAN to add a specific port to a specific VLAN, enter commands
similar to the following.

Brocade(config)# vlan 10
Brocade(config-vlan-10)# mac-vlan-permit ethernet 1/1/5

Syntax: mac-vlan-permit ethernet stack-unit/slotnum/portnum

To disable Dynamic MAC-based VLAN, enter the following command.

Brocade(config)# no mac-authentication mac-vlan-dyn-activation

NOTE

If static Mac-Based VLAN is configured on a port, the port will be added only to the VLAN table for
which the static MAC-based VLAN configuration exists.

Advertising
Popular Brands
Popular manuals