Filter
Top Products
60 Operation
Chapter 4 - System Configuration
addresses in the local table using the address filter entry command. To remove
an entry from the table, use the address filter delete command. To display the
current settings, use the show authentication command from the Exec mode.
4.4.5.0.2 CLI Commands for RADIUS MAC Authentication
Use the mac-authentication server command from the global configuration
mode to enable remote MAC authentication. Set the timeout value for
re-authentication using the mac- authentication session-timeout command. Be
sure to also configure connection settings for the RADIUS server (not shown in the
following example). To display the current settings, use the show authentication
command from the Exec mode.
Enterprise AP(config)#mac-authentication server local 200
Enterprise AP(config)#mac-authentication session-timeout 5 200
Enterprise AP(config)#address filter default denied 198
Enterprise AP(config)#address filter entry
00-70-50-cc-99-1a denied 199
Enterprise AP(config)#address filter entry
00-70-50-cc-99-1b allowed
Enterprise AP(config)#address filter entry
00-70-50-cc-99-1c allowed
Enterprise AP(config)#address filter delete
00-70-50-cc-99-1c
199
Enterprise AP(config)#exit
Enterprise AP#show authentication
197
Authentication Information
===========================================================
MAC Authentication Server : LOCAL
MAC Auth Session Timeout Value : 0 min
802.1x supplicant : DISABLED
802.1x supplicant user : EMPTY
802.1x supplicant password : EMPTY
Address Filtering : DENIED
System Default : ALLOW addresses not found in filter table.
Filter Table
MAC Address Status
----------------- ----------
00-70-50-cc-99-1a DENIED
00-70-50-cc-99-1b ALLOWED
=========================================================
Enterprise AP#