Network-access port-mac-filter, Network-access port-mac, Filter – Microsens MS453490M Management Guide User Manual

C

HAPTER

25

| General Security Measures

Network Access (MAC Address Authentication)

– 650 –

◆

When port status changes to down, all MAC addresses are cleared from

the secure MAC address table. Static VLAN assignments are not

restored.

◆

The RADIUS server may optionally return a VLAN identifier list. VLAN

identifier list is carried in the “Tunnel-Private-Group-ID” attribute. The

VLAN list can contain multiple VLAN identifiers in the format “1u,2t,”

where “u” indicates untagged VLAN and “t” tagged VLAN. The “Tunnel-

Type” attribute should be set to “VLAN,” and the “Tunnel-Medium-Type”

attribute set to “802.”

E

XAMPLE

Console(config-if)#network-access mode mac-authentication

Console(config-if)#

network-access

port-mac-filter

Use this command to enable the specified MAC address filter. Use the no

form of this command to disable the specified MAC address filter.

S

YNTAX

network-access port-mac-filter filter-id
no network-access port-mac-filter

filter-id - Specifies a MAC address filter table. (Range: 1-64)

D

EFAULT

S

ETTING

None

C

OMMAND

M

ODE

Interface Configuration

C

OMMAND

M

ODE

◆

Entries in the MAC address filter table can be configured with the

network-access mac-filter

command.

◆

Only one filter table can be assigned to a port.

E

XAMPLE

Console(config)#interface ethernet 1/1

Console(config-if)#network-access port-mac-filter 1

Console(config-if)#