beautypg.com

Related concepts, Mac authentication timers, Quiet mac address – H3C Technologies H3C S3100 Series Switches User Manual

Page 457: Configuring basic mac authentication functions

background image

1-2

Related Concepts

MAC Authentication Timers

The following timers function in the process of MAC authentication:

z

Offline detect timer: At this interval, the switch checks to see whether an online user has gone

offline. Once detecting that a user becomes offline, the switch sends a stop-accounting notice to

the RADIUS server.

z

Quiet timer: Whenever a user fails MAC authentication, the switch does not initiate any MAC

authentication of the user during a period defined by this timer.

z

Server timeout timer: During authentication of a user, if the switch receives no response from the

RADIUS server in this period, it assumes that its connection to the RADIUS server has timed out

and forbids the user from accessing the network.

Quiet MAC Address

When a user fails MAC authentication, the MAC address becomes a quiet MAC address, which means

that any packets from the MAC address will be discarded simply by the switch until the quiet timer

expires. This prevents an invalid user from being authenticated repeatedly in a short time.

z

If the quiet MAC is the same as the static MAC configured or an authentication-passed MAC, then

the quiet function is not effective.

z

The S3100 series Ethernet switches support quiet MAC function on ports.

Configuring Basic MAC Authentication Functions

Table 1-1 Configure basic MAC authentication functions

Operation

Command

Remarks

Enter system view

system-view

Enable MAC
authentication
globally

mac-authentication

Required

Disabled by default

In system view

mac-authentication
interface interface-list

interface interface-type
interface-number

mac-authentication

Enable MAC
authentication for the
specified port(s) or the
current port

In interface
view

quit

Use either method

Disabled by default

Set the user name in
MAC address mode
for MAC
authentication

mac-authentication authmode
usernameasmacaddress
[ usernameformat { with-hyphen |
without-hyphen } { lowercase | uppercase }
| fixedpassword password ]

Optional

By default, the MAC
address of a user is used
as the user name.

See also other documents in the category H3C Technologies Routers: