beautypg.com

Auth-mac enable – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Page 1155

background image

Authentication Commands

Software Reference for x310 Series Switches

C613-50046-01 REV A

AlliedWare Plus

TM

Operating System - Version 5.4.4C

43.29

auth-mac enable

This command enables MAC based authentication on the interface specified in the
Interface command mode.

Use the no variant of this command to disable MAC based authentication on an interface.

Syntax

auth-mac enable

no auth-mac enable

Default

MAC authentication is disabled by default.

Mode

Interface Configuration for a static channel, a dynamic (LACP) channel group, or a switch
port.

Usage

Enabling spanning-tree edgeport on ports after enabling MAC based authentication
avoids unnecessary re-authentication when the port state changes, which does not
happen when spanning tree edgeport is enabled. Note that re-authentication is correct
behavior without spanning-tree edgeport enabled.

Applying switchport mode access on ports is also good practice to set the ports to access
mode with ingress filtering turned on, whenever ports for MAC authentication are in a
VLAN.

Examples

To enable MAC authentication on interface port1.0.2 and enable spanning tree
edgeport to avoid unnecessary re-authentication, use the following commands:

To disable MAC authentication on interface port1.0.2, use the following commands:

Validation

Commands

show auth-mac
show auth-mac interface
show running-config

Related Commands

aaa accounting auth-mac default
aaa authentication auth-mac
spanning-tree edgeport (RSTP and MSTP)
switchport mode access

awplus#

configure terminal

awplus(config)#

interface port1.0.2

awplus(config-if)#

auth-mac enable

awplus(config-if)#

spanning-tree edgeport

awplus(config-if)#

switchport mode access

awplus#

configure terminal

awplus(config)#

interface port1.0.2

awplus(config-if)#

no auth-mac enable