Network-access max-mac-count, Mac-authentication intrusion-action – Planet Technology SGSD-1022 User Manual

Page 474

background image

User’s Manual of SGSD-1022 / SGSD-1022P

SGSW-2840 / SGSW-2840P

474

assignments are not restored.

The RADIUS server may optionally return a VLAN identifier list. VLAN identifier list is carried in the

“Tunnel-Private-Group-ID” attribute. The VLAN list can contain multiple VLAN identifiers in the format “1u,2t,” where “u”

indicates untagged VLAN and “t” tagged VLAN. The “Tunnel-Type” attribute should be set to “VLAN,” and the

“Tunnel-Medium-Type” attribute set to “802.”

Example

Console(config-if)#network-access mode mac-authentication

Console(config-if)#

network-access max-mac-count

Use this command to set the maximum number of MAC addresses that can be authenticated on a port via all forms of

authentication. Use the no form of this command to restore the default.

Syntax

network-access max-mac-count count

no network-access max-mac-count\

count - The maximum number of authenticated MAC addresses allowed. (Range: 1 to 2048; 0 for unlimited)

Default Setting

2048

Command Mode

Interface Configuration

Command Usage

The maximum number of MAC addresses per port is 2048, and the maximum number of secure MAC addresses

supported for the switch system is 1024. When the limit is reached, all new MAC addresses are treated as an

authentication failed.

Example

Console(config-if)#network-access max-mac-count 5

Console(config-if)#

mac-authentication intrusion-action

Use this command to configure the port response to a host MAC authentication failure. Use the no form of this command to

restore the default.