Specifications

OmniAccess Reference: AOS-W System Reference

360 Part 031652-00 May 2005

Configuring MAC Address Role Mapping Using

the CLI

MAC Address Role Mapping is a method of identifying clients based on their

MAC address and assigning an appropriate role based on the MAC Address.

This method should not be considered a true authentication method, since no

password is associated with the method. This method should always be

coupled with Layer 2 encryption and strict firewall policies.

Enable MAC Address Role Mapping

Set the default role. This is the role which will be assigned to the client if

the authentication server provides no role information about the client

when they authenticate.

Specify an authentication server.

Set the authentication failure threshold for station blacklisting.

You may see the MAC Address Role Mapping settings by using the show aaa

mac-authentication command from the CLI.

Configuring Stateful 802.1x Using the CLI

This procedure configures stateful 802.1x for third-party Access Points using

the CLI.

Enable stateful 802.1x.

Set the Request/Response time out, in seconds.

(Alcatel) (config) #aaa mac-authentication mode enable

(Alcatel) (config) #aaa mac-authentication default-role foo-user

(Alcatel) (config) #aaa mac-authentication auth-server internal

(Alcatel) (config) #aaa mac-authentication

max-authentication-failures 0

(Alcatel) (config) #aaa stateful-authentication dot1x mode enable

(Alcatel) (config) #aaa stateful-authentication dot1x timeout 20