HP 6125G HP 6125G & 6125G/XG Blade Switches Security Configuration Gui - Page 117
MAC authentication configuration examples, Network requirements, Configuration procedure
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 117 highlights
Task Display MAC authentication information. Clear MAC authentication statistics. Command Remarks display mac-authentication [ interface interface-list ] [ | { begin | exclude | include } regular-expression ] Available in any view reset mac-authentication statistics [ interface interface-list ] Available in user view MAC authentication configuration examples Local MAC authentication configuration example Network requirements In the network in Figure 37, perform local MAC authentication on port GigabitEthernet 1/0/1 to control Internet access. Make sure that: • All users belong to domain aabbcc.net. • Local users use their MAC address as the username and password for MAC authentication. The MAC addresses are hyphen separated and in lower case. • The access device detects whether a user has gone offline every 180 seconds. When a user fails authentication, the device does not authenticate the user within 180 seconds. Figure 37 Network diagram Configuration procedure # Add a local user account, set both the username and password to 00-e0-fc-12-34-56, the MAC address of the user host, and enable LAN access service for the account. system-view [Device] local-user 00-e0-fc-12-34-56 [Device-luser-00-e0-fc-12-34-56] password simple 00-e0-fc-12-34-56 [Device-luser-00-e0-fc-12-34-56] service-type lan-access [Device-luser-00-e0-fc-12-34-56] quit # Configure ISP domain aabbcc.net to perform local authentication for LAN access users. [Device] domain aabbcc.net [Device-isp-aabbcc.net] authentication lan-access local [Device-isp-aabbcc.net] quit # Enable MAC authentication globally. [Device] mac-authentication # Enable MAC authentication on port GigabitEthernet 1/0/1. [Device] mac-authentication interface gigabitethernet 1/0/1 107