beautypg.com

Brocade BigIron RX Series Configuration Guide User Manual

Page 29

background image

BigIron RX Series Configuration Guide

xxix

53-1002484-04

Chapter 32

Configuring Multi-Device Port Authentication

How multi-device port authentication works. . . . . . . . . . . . . . . . 1005

RADIUS authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1005
Authentication-failure actions . . . . . . . . . . . . . . . . . . . . . . . . 1006
Supported RADIUS attributes . . . . . . . . . . . . . . . . . . . . . . . . 1006
Dynamic VLAN and ACL assignments. . . . . . . . . . . . . . . . . . 1006
Support for authenticating multiple MAC addresses
on an interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1007
Support for multi-device port authentication and 802.1x
on the same interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1007

Configuring multi-device port authentication . . . . . . . . . . . . . . . .1007

Enabling multi-device port authentication . . . . . . . . . . . . . . 1008
Configuring an authentication method list for 802.1x . . . . 1008
Setting RADIUS parameters . . . . . . . . . . . . . . . . . . . . . . . . . 1008
Specifying the format of the MAC addresses sent to the
RADIUS server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1009
Specifying the authentication-failure action . . . . . . . . . . . . 1009
Defining MAC address filters. . . . . . . . . . . . . . . . . . . . . . . . . .1010
Configuring dynamic VLAN assignment . . . . . . . . . . . . . . . . .1011
Specifying to which VLAN a port is moved after its
RADIUS-specified VLAN assignment expires . . . . . . . . . . . . .1014
Saving dynamic VLAN assignments to the running
configuration file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1014
Clearing authenticated MAC addresses . . . . . . . . . . . . . . . . .1015
Disabling aging for authenticated MAC addresses . . . . . . . .1015
Specifying the aging time for blocked MAC addresses . . . . .1016

Displaying multi-device port authentication information . . . . . . .1016

Displaying authenticated MAC address information . . . . . . .1017
Displaying multi-device port authentication configuration
information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1017
Displaying multi-device port authentication information for
a specific MAC address or port . . . . . . . . . . . . . . . . . . . . . . . 1020
Displaying the authenticated MAC addresses . . . . . . . . . . . .1021
Displaying the non-authenticated MAC addresses . . . . . . . .1021

Example configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1021

Multi-device port authentication with dynamic
VLAN assignment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1022
Examples of multi-device port authentication and 802.1X
authentication configuration on the same port. . . . . . . . . . .1024

Chapter 33

Using the MAC Port Security Feature and Transparent Port Flooding

Overview of MAC port security . . . . . . . . . . . . . . . . . . . . . . . . . . . 1029

Violation actions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1029
Local and global resources . . . . . . . . . . . . . . . . . . . . . . . . . . 1030

See also other documents in the category Brocade Computer Accessories: