HP 6125G HP 6125G & 6125G/XG Blade Switches Security Command Reference - Page 130
MAC authentication supports the following types of user account
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 130 highlights
Default level 2: System level Parameters fixed: Uses a shared account for all MAC authentication users. account name: Specifies the username for the shared account. The name takes a case-insensitive string of 1 to 55 characters. If no username is specified, the default name mac applies. password: Specifies the password for the shared user account. cipher: Sets a ciphertext password. simple: Sets a plaintext password. password: Specifies the password. This argument is case sensitive. If simple is specified, the password must be a string of 1 to 63 characters. If cipher is specified, the password must be a ciphertext string of 1 to 117 characters. mac-address: Uses MAC-based user accounts for MAC authentication users. If this option is specified, you must create one user account for each user, and use the MAC address of the user as both the username and password for the account. You can also specify the format of username and password: • with-hyphen-Hyphenates the MAC address, for example xx-xx-xx-xx-xx-xx. • without-hyphen-Excludes hyphens from the MAC address, for example, xxxxxxxxxxxx. • lowercase-Enters letters in lower case. • uppercase-Capitalizes letters. Description Use mac-authentication user-name-format to configure the type of user accounts for MAC authentication users. Use undo mac-authentication user-name-format to restore the default. By default, each user's MAC address is used as the username and password for MAC authentication, and letters must be input in lower case without hyphens. MAC authentication supports the following types of user account: • One MAC-based user account for each user. A user can pass MAC authentication only when its MAC address matches a MAC-based user account. This approach is suitable for an insecure environment. • One shared user account for all users. Any user can pass MAC authentication on any MAC authentication enabled port. You can use this approach in a secure environment to limit network resources accessible to MAC authentication users, for example, by assigning an authorized ACL or VLAN for the shared account. The configuration file saves the password for a shared user account in cipher text, regardless of whether it is specified in cipher text or plain text. Related commands: display mac-authentication. Examples # Configure a shared account for MAC authentication users: set the username as abc and password as xyz in plain text. system-view [Sysname] mac-authentication user-name-format fixed account abc password simple xyz 121