Filter
Top Products
98
Enhancements
Release M.10.27 Enhancements
Release M.10.27 Enhancements
Release M.10.27 includes the following enhancement:
■ Enhancement (PR_1000374085) — This enhancement expands the use of the Controlled
Directions parameter to also support MAC/Web authentication.
Syntax: aaa port-access <port-list > controlled-directions <both | in>
After you enable MAC-based authentication on specified ports, you can use
the aaa port-access controlled-directions command to configure how a port
transmits traffic before it successfully authenticates a client and enters
the authenticated state.
both (default): Incoming and outgoing traffic is blocked on a port config-
ured for MAC authentication before authentication occurs.
in: Incoming traffic is blocked on a port configured for MAC authentication
before authentication occurs. Outgoing traffic with unknown destination
addresses is flooded on unauthenticated ports configured for web authen-
tication.
Prerequisites: As implemented in 802.1X authentication, the disabling
of incoming traffic and transmission of outgoing traffic on a MAC-
authenticated egress port in an unauthenticated state (using the aaa port-
access controlled-directions in command) is supported only if:
■ The 802.1s Multiple Spanning Tree Protocol (MSTP) or 802.1w Rapid
Spanning Tree Protocol (RSTP) is enabled on the switch. MSTP and
RSTP improve resource utilization while maintaining a loop-free
network.
■ The port is configured as an edge port in the network using the
spanning-tree <port-list> edge-port command.
For information on how to configure the prerequisites for using the aaa
port-access controlled-directions in command, see the chapter titled “Span-
ning-Tree Operation” in the Advanced Traffic Management Guide for your
switch.
To display the currently configured Controlled Directions value for MAC-
authenticated ports, enter the show port-access mac-based config command.