Configuring authentication 207
You can add MAC addresses to the database in three ways:
•
using the /cfg/doamin #/aaa/auth #/macdb/add command
• using the /cfg/doamin #/aaa/auth #/macdb/import command
to import a file that has been properly formatted
• using the MAC Registration portal provided at login when a user
belongs to a group with macreg set to True (/cfg/doamin
#/aaa/group #/macreg)
To manage MAC addresses and associated parameters, use the following
command:
/cfg/doamin #/aaa/auth #/macdb
The MAC database menu appears.
The MAC database menu includes the following options:
Table 44
Managing the local MAC database
/cfg/doamin #/aaa/auth #/macdb
followed by:
add
Adds a MAC address to the local database. You are prompted for the
following information:
• MAC address—MAC address of the host
• user name—username of the host operator; optional
•
device
type
<PC>
<phone>
<passive>
— PC: when the host is a computer
— phone: when the host is a supported IP telephone
— passive: when the device does not have an operator (for
examples: a printer, a video camera); it is recommended that
passive devices belong to their own, unique group
• IP type <dhcp> <static>
— dhcp: when the IP address of the host is provided by a DHCP
server
— static: when the IP address of the host is static
• switch IP address—IP address of the network access device that
serves the host; optional; recommended when device type is passive
• group name(s)—The name(s) or ID number(s) of the NSNA group(s)
of which the host is a member; a list of available groups is provided; if
there is more than one group, separate with a colon
• comments—any ASCII string, up to 80 characters; optional
Nortel Secure Network Access Switch
Using the Command Line Interface
NN47230-100 03.01 Standard
28 July 2008
Copyright © 2007, 2008 Nortel Networks
.
