Filter
Top Products
544 PowerConnect B-Series FCX Configuration Guide
53-1002266-01
Sample application
15
FIGURE 111 Sample MAC-based VLAN configuration
Host A MAC address is statically mapped to VLAN 1 with priority 1 and is not subjected to RADIUS
authentication. When Host B MAC address is authenticated, the Access-Accept message from the
RADIUS server specifies that Host B MAC address be placed into VLAN 2. Since Host C MAC
address is not present in the RADIUS server, Host C will be rejected by the server and its MAC
address will be placed into a restricted VLAN.
Below is the configuration for this example.
module 1 FCX-48-port-management-module
module 2 FCX-xfp-1-cx4-2-port-16g-module
vlan 1 by port
untagged ethe 0/1/10
mac-vlan-permit ethe 0/1/1 to 0/1/2
no spanning-tree
vlan 2 by port
untagged ethe 0/1/30
mac-vlan-permit ethe 0/1/1 to 0/1/2
no spanning-tree
vlan 666 name mac_restricted by port
untagged ethe 0/1/20
mac-vlan-permit ethe 0/1/1 to 0/1/2
no spanning-tree
vlan 4000 name DEFAULT-VLAN by port
no spanning-tree
vlan 4004 by port
mac-vlan-permit ethe 0/1/1
default-vlan-id 4000
ip address 10.44.3.8 255.255.255.0
ip default-gateway 10.44.3.1
radius-server host 10.44.3.111
radius-server key 1 $-ndUno
mac-authentication enable
mac-authentication max-age 60
RADIUS Server
User: 0030.4875.3f73 (Host B)
Tunnel-Private-Group-ID = VLAN2
No profile for MAC 0030.4875.3ff5
(Host C)
Port e1
mac-vlan-permit
PS1
PS2
37
38
13
14
25
26
Lnk
Act
Power
Lnk/
Act
FDX
FDX
Lnk/
Act
Console
Hub
Untagged
Untagged
Untagged
Host station A
MAC: 0030.4888.b9fe
Host station B
MAC: 0030.4875.3f73
Host station C
MAC: 0030.4875.3ff5
Device
49C
50C
49F 50F
1
2