Auth-mac enable – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual
Page 1155

Authentication Commands
Software Reference for x310 Series Switches
C613-50046-01 REV A
AlliedWare Plus
TM
Operating System - Version 5.4.4C
43.29
auth-mac enable
This command enables MAC based authentication on the interface specified in the
Interface command mode.
Use the no variant of this command to disable MAC based authentication on an interface.
Syntax
auth-mac enable
no auth-mac enable
Default
MAC authentication is disabled by default.
Mode
Interface Configuration for a static channel, a dynamic (LACP) channel group, or a switch
port.
Usage
Enabling spanning-tree edgeport on ports after enabling MAC based authentication
avoids unnecessary re-authentication when the port state changes, which does not
happen when spanning tree edgeport is enabled. Note that re-authentication is correct
behavior without spanning-tree edgeport enabled.
Applying switchport mode access on ports is also good practice to set the ports to access
mode with ingress filtering turned on, whenever ports for MAC authentication are in a
VLAN.
Examples
To enable MAC authentication on interface port1.0.2 and enable spanning tree
edgeport to avoid unnecessary re-authentication, use the following commands:
To disable MAC authentication on interface port1.0.2, use the following commands:
Validation
Commands
show auth-mac
show auth-mac interface
show running-config
Related Commands
aaa accounting auth-mac default
aaa authentication auth-mac
spanning-tree edgeport (RSTP and MSTP)
switchport mode access
awplus#
configure terminal
awplus(config)#
interface port1.0.2
awplus(config-if)#
auth-mac enable
awplus(config-if)#
spanning-tree edgeport
awplus(config-if)#
switchport mode access
awplus#
configure terminal
awplus(config)#
interface port1.0.2
awplus(config-if)#
no auth-mac enable