Filter
Top Products
108 Device Security
Example #2: MAC-Based Authentication Mode
The PowerConnect 6200 Series switches support MAC-based 802.1X authentication. This feature allows
multiple hosts to authenticate on a single port. The hosts are distinguished by their MAC addresses.
When multiple hosts (for example, a PC, a printer, and a phone in the same office) are connected to the
switch on the same port, each of the connected hosts authenticates separately with the RADIUS server.
The following command enables MAC-based authentication on port 1/g8 and limits the number of
devices that can authenticate on that port to 3. The switchport mode general command sets the
port to an 802.1Q VLAN. The port must be in general mode in order to enable MAC-based 802.1X
authentication.
console#configure
console(config)#interface ethernet 1/g8
console(config-if-1/g8)#switchport mode general
console(config-if-1/g8)#dot1x port-control mac-based
console(config-if-1/g8)#dot1x max-users 3
console(config-if-1/g8)#exit
console(config)#exit
console#show dot1x ethernet 1/g8
Administrative Mode............... Enabled
Port Admin Oper Reauth Reauth
Mode Mode Control Period
------- ------------------ ------------ -------- ----------
1/g8 mac-based Unauthorized FALSE 3600
Quiet Period................................... 60
Transmit Period................................ 30
Maximum Requests............................... 2
Max Users...................................... 3
Supplicant Timeout............................. 30
Server Timeout (secs).......................... 30
Logical Supplicant AuthPAE Backend VLAN Username Filter
Port MAC-Address State State Id Id
------- -------------- -------- -------- ----- -------- ------
112 0000.0000.0000 Initialize Idle