Manualshelf

User Guide

ManualsBrandsAlcatel-Lucent ManualsOtherOMNIACCESS
161162163164165166167168169170
Configuring 802.1x Security 133
Chapter 11
Configuring MAC-based Authentication
This section of the document shows how to configure MAC-based
authentication on the Alcatel switch using the WebUI..
Use MAC-based authentication to authenticate devices based on their
physical MAC address. While not the most secure and scalable method,
MAC-based authentication still implicitly provides an addition layer of security
authentication devices. MAC-based authentication is often used to
authenticate and allow network access through certain devices while denying
access to the rest. For example, if users are allowed access to the network via
station A, then one method of authenticating station A is MAC-based. Users
may be required to authenticate themselves using other methods depending
on the network privileges required.
MAC-based authentication can also be used to authenticate WiFi phones as
an additional layer of security to avoid other devices from accessing the voice
network using what is normally an insecure SSID.
Configuring the Switch
To enable MAC-based authentication on the Alcatel Mobility Controller:
1. Before configuring MAC-based authentication on the switch, you must
first configure:
z The role that will be assigned as the default role for the MAC-based
authenticated users. (See Chapter xi, Configuring Firewall Roles and
Policies. for information on firewall policies to configure roles). If deri-
vation rules exist or if the user configuration in the internal database
has a role assignment, these values are prioritized over this value.
z The Authentication Server that the switch uses to validate the users.
The internal database can be used to configure the users for
MAC-based authentication. See “Configuring Users” on page 135 for
information on configuring the users on the local database. For infor-
mation on configuring AAA servers, Refer to Authentication Servers
on page 83.
2 Select the
Configuration tab. Navigate to the Security > Authentication Meth-
ods > MAC Authentication
page.
z Check the Authentication Enabled checkbox to enable authentication.