beautypg.com

Network access (mac address authentication), Table 86: network access commands, Network access – LevelOne GTL-2691 User Manual

Page 927: Mac a, Etwork, Ccess, Ddress, Uthentication

background image

C

HAPTER

29

| General Security Measures

Network Access (MAC Address Authentication)

– 927 –

N

ETWORK

A

CCESS

(MAC A

DDRESS

A

UTHENTICATION

)

Network Access authentication controls access to the network by

authenticating the MAC address of each host that attempts to connect to a

switch port. Traffic received from a specific MAC address is forwarded by

the switch only if the source MAC address is successfully authenticated by

a central RADIUS server. While authentication for a MAC address is in

progress, all traffic is blocked until authentication is completed. Once

successfully authenticated, the RADIUS server may optionally assign VLAN

and QoS settings for the switch port.

Table 86: Network Access Commands

Command

Function

Mode

network-access aging

Enables MAC address aging

GC

network-access mac-filter

Adds a MAC address to a filter table

GC

mac-authentication reauth-

time

Sets the time period after which a connected MAC

address must be re-authenticated

GC

network-access dynamic-qos

Enables the dynamic quality of service feature

IC

network-access dynamic-vlan

Enables dynamic VLAN assignment from a RADIUS

server

IC

network-access guest-vlan

Specifies the guest VLAN

IC

network-access link-detection

Enables the link detection feature

IC

network-access link-detection

link-down

Configures the link detection feature to detect and

act upon link-down events

IC

network-access link-detection

link-up

Configures the link detection feature to detect and

act upon link-up events

IC

network-access link-detection

link-up-down

Configures the link detection feature to detect and

act upon both link-up and link-down events

IC

network-access max-mac-

count

Sets the maximum number of MAC addresses that

can be authenticated on a port via all forms of

authentication

IC

network-access mode mac-

authentication

Enables MAC authentication on an interface

IC

network-access port-mac-

filter

Enables the specified MAC address filter

IC

mac-authentication intrusion-

action

Determines the port response when a connected

host fails MAC authentication.

IC

mac-authentication max-

mac-count

Sets the maximum number of MAC addresses that

can be authenticated on a port via MAC

authentication

IC

clear network-access

Clears authenticated MAC addresses from the

address table

PE

show network-access

Displays the MAC authentication settings for port

interfaces

PE

show network-access mac-

address-table

Displays information for entries in the secure MAC

address table

PE

show network-access mac-

filter

Displays information for entries in the MAC filter

tables

PE

See also other documents in the category LevelOne Routers: