Comparing eap relay and eap termination, Configuring mac authentication timers – H3C Technologies H3C S12500-X Series Switches User Manual

Page 95

Advertising
background image

83

Step Command

Remarks

2.

Configure the MAC

authentication user
account format.

Use one MAC-based user account
for each user:

mac-authentication

user-name-format mac-address
[ { with-hyphen | without-hyphen }

[ lowercase | uppercase ] ]

Use one shared user account for all
users:

mac-authentication

user-name-format fixed [ account

name ] [ password { cipher |
simple } password ]

Use either method.
By default, the device uses the
MAC address of a user as the

username and password for
MAC authentication. The MAC

address is in lower case without

hyphens.

58B

Configuring MAC authentication timers

MAC authentication uses the following timers:

Offline detect timer—Sets the interval that the device waits for traffic from a user before it regards
the user idle. If a user connection has been idle within the interval, the device logs the user out and
stops accounting for the user.

Quiet timer—Sets the interval that the device must wait before it can perform MAC authentication
for a user who has failed MAC authentication. All packets from the MAC address are dropped

during the quiet time. This quiet mechanism prevents repeated authentication from affecting system

performance.

Server timeout timer—Sets the interval that the device waits for a response from a RADIUS server
before it regards the RADIUS server unavailable. If the timer expires during MAC authentication,
the user cannot access the network.

To configure MAC authentication timers:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Configure MAC
authentication timers.

mac-authentication timer { offline-detect
offline-detect-value | quiet quiet-value |

server-timeout server-timeout-value }

By default, the offline detect
timer is 300 seconds, the quiet

timer is 60 seconds, and the

server timeout timer is 100

seconds.

59B

Setting the maximum number of concurrent MAC

authentication users on a port

Perform this task to prevent the system resources from being overused.
To set the maximum number of concurrent MAC authentication users on a port:

Advertising
This manual is related to the following products:

H3C S5560 Series Switches, H3C WX6000 Series Access Controllers, H3C WX5000 Series Access Controllers, H3C WX3000 Series Unified Switches, H3C LSWM1WCM10 Access Controller Module, H3C LSWM1WCM20 Access Controller Module, H3C LSQM1WCMB0 Access Controller Module, H3C LSRM1WCM2A1 Access Controller Module, H3C LSBM1WCM2A0 Access Controller Module, H3C S9800 Series Switches, H3C S5130 Series Switches, H3C S5120 Series Switches

Popular Brands
Popular manuals