beautypg.com

Example port authentication configurations, Also, refer to the example configuration of, Multi-device port authentication with dynamicvlan – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 281: Assignment

background image

To display the table of allowed mac addresses enter the show table denied-mac command as shown.

Syntax: show table mac address

The mac address variable is the specified MAC address.

device#show table denied-mac

-------------------------------------------------------------------------------

MAC Address Port Vlan Authenticated Time Age dot1x

-------------------------------------------------------------------------------

0000.0010.1021 2/1/48 4092 No 00d00h32m48s H8 Dis

0000.0010.1022 2/1/48 4092 No 00d00h32m48s H8 Dis

device

To display MAC authentication for a specific port, enter the show table ethernet stack-unit/slot/port
command as shown.

device#show table eth 2/1/48

--------------------------------------------------------------------------------------

---------

MAC Address Port Vlan Authenticated Time Age CAM MAC Dot1x Type Pri Index

Index

--------------------------------------------------------------------------------------

---------

0000.0010.1002 2/1/48 2 Yes 00d00h30m 57s Ena 0000

70d4 Dis Dyn 0

0000.0010.1003 2/1/48 2 Yes 00d00h30m 57s Ena 0002

3df0 Dis Dyn 0

0000.0010.1004 2/1/48 2 Yes 00d00h30m 57s Ena 0001

1e74 Dis Dyn 0

0000.0010.1021 2/1/48 4092 No 00d00h36m 22s H60 0003

7a2c Dis Dyn 0

0000.0010.1022 2/1/48 4092 No 00d00h36m 22s H60 0004

4d7c Dis Dyn 0

device#

Example port authentication configurations

This section includes configuration examples of multi-device port authentication with dynamic VLAN
assignment, and multi-device port authentication and 802.1X authentication.

Multi-device port authentication with dynamicVLAN assignment

The following figure illustrates multi-device port authentication with dynamic VLAN assignment on a
Brocade device. In this configuration, a PC and an IP phone are connected to a hub, which is
connected to port e1 on a Brocade device. The profile for the PC MAC address on the RADIUS server
specifies that the PC should be dynamically assigned to VLAN 102, and the RADIUS profile for the IP
phone specifies that it should be dynamically assigned to VLAN 3.

Example port authentication configurations

FastIron Ethernet Switch Security Configuration Guide

281

53-1003088-03

See also other documents in the category Brocade Computer Accessories: