iii
Configuration prerequisites ··········································································································································· 98
Configuring a free IP ····················································································································································· 98
Configuring the redirect URL ········································································································································· 99
Setting the EAD rule timer ············································································································································· 99
Displaying and maintaining EAD fast deployment
····································································································· 99
EAD fast deployment configuration example ············································································································ 100
Network requirements········································································································································· 100
Configuration procedure ···································································································································· 101
Verifying the configuration ································································································································· 101
Troubleshooting EAD fast deployment ······················································································································· 102
Web browser users cannot be correctly redirected ························································································ 102
Configuring MAC authentication ··························································································································· 103
Overview······································································································································································· 103
User account policies ·········································································································································· 103
Authentication approaches ································································································································ 103
MAC authentication timers ································································································································· 104
Using MAC authentication with other features ········································································································· 104
VLAN assignment ················································································································································ 104
ACL assignment ··················································································································································· 104
Configuration task list ·················································································································································· 104
Basic configuration for MAC authentication ············································································································· 105
Specifying a MAC authentication domain ················································································································ 106
Displaying and maintaining MAC authentication ···································································································· 106
MAC authentication configuration examples
············································································································ 107
Local MAC authentication configuration example··························································································· 107
RADIUS-based MAC authentication configuration example··········································································· 108
ACL assignment configuration example············································································································ 110
Configuring port security ········································································································································ 113
Overview······································································································································································· 113
Port security features ··········································································································································· 113
Port security modes ············································································································································· 113
Working with guest VLAN and Auth-Fail VLAN ······························································································ 116
Configuration task list ·················································································································································· 116
Enabling port security ·················································································································································· 116
Setting port security's limit on the number of MAC addresses on a port······························································· 117
Setting the port security mode ···································································································································· 117
Configuration prerequisites ································································································································ 118
Configuration procedure ···································································································································· 118
Configuring port security features ······························································································································ 118
Configuring NTK ················································································································································· 118
Configuring intrusion protection ························································································································ 119
Enabling port security traps································································································································ 119
Configuring secure MAC addresses ·························································································································· 120
Configuration prerequisites ································································································································ 121
Configuration procedure ···································································································································· 121
Ignoring authorization information ···························································································································· 122
Displaying and maintaining port security·················································································································· 122
Port security configuration examples ························································································································· 123
Configuring the autoLearn mode ······················································································································· 123
Configuring the userLoginWithOUI mode ········································································································ 125
Configuring the macAddressElseUserLoginSecure mode················································································ 129
Troubleshooting port security ······································································································································ 132
Cannot set the port security mode ····················································································································· 132