3Com 5500-SI Switch User Manual

Open as PDF

of 686

196 CHAPTER 14: CENTRALIZED MAC ADDRESS AUTHENTICATION CONFIGURATION

Centralized MAC

Address

Authentication

Configuration

The following sections describe centralized MAC address authentication

configuration tasks:

■ Enabling Global/Port-based Centralized MAC Address Authentication

■ Setting Centralized MAC Address Authentication Timers

■ Displaying and Debugging Centralized MAC Address Authentication

■ Centralized MAC Address Authentication Configuration Example

For a port, the centralized MAC address authentication configuration and the

maximum number of learned MAC addresses configuration are mutually exclusive.

That is, if you enable the centralized MAC address authentication function for a port,

the maximum number of learned MAC addresses configuration (see the

mac-address max-mac-count command) is unavailable. And if you set the

maximum number of learned MAC addresses, the centralized MAC address

authentication configuration is unavailable.

Enabling

Global/Port-based

Centralized MAC

Address Authentication

Table 175 lists the operations to enable centralized MAC address authentication on

specified ports.

Port-based centralized MAC address authentication configurations take effect only

when global centralized MAC address authentication is also enabled.

Configuring an ISP

Domain for MAC

Address Authentication

Users

Table 176 lists the operations to configure an ISP domain for centralized MAC address

authentication users.

Setting Centralized MAC

Address Authentication

Timers

Following timers are used in centralized MAC address authentication.

■ Offline-detect timer. This timer sets the interval for a switch to test whether or not

a user goes offline. Upon determining a user is offline, a switch notifies the

RADIUS server of the state of the user, and the RADIUS server in turn stops

perform accounting operation on the user.

■ Quiet timer. If a user fails to pass the authentication performed by a switch, the

switch stops authenticating users for a specified period before it authenticates

users again. You can use the quiet timer to set the period.

Table 175 Enable/disable centralized MAC address authentication

Operation Command Description

Enter system view system-view —

Enable centralized

MAC address

authentication

mac-authentication interface

interface-list

Required

By default, global and port-based

centralized MAC address

authentications are disabled.

Table 176 Configure an ISP domain for MAC address authentication users

Operation Command Description

Enter system view system-view —

Configure an ISP domain

for MAC address

authentication users

mac-authentication domain

isp-name

Required

By default, the ISP domain is not

configured for MAC address

authentication users.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

3Com 5500-SI Switch User Manual