Manualshelf

Install guide

ManualsBrandsAllied Telesis ManualsSwitchAT-8824
31323334353637383940
34 Firewall: Using RADIUS to Authenticate MAC Addresses Release Note
Software Version 2.7.4
C613-10444-00 REV A
Firewall: Using RADIUS to Authenticate
MAC Addresses
This enhancement extends the firewall’s MAC address matching capabilities. It
enables the firewall to send queries about MAC addresses to a RADIUS server.
The response from the RADIUS server determines whether the packet is
allowed or denied.
The firewall stores the MAC address and RADIUS result in its MAC address
cache for a time length specified by using the command:
set firewall policy maccachetimeout=max-age
The default timeout is 1440 minutes (24 hours).
New and Modified Commands
add firewall policy rule
Syntax ADD FIREwall POLIcy=policy-name RUle=rule-id
ACtion={ALLOw|DENY|NAT|NONat} INTerface=interface
PROTocol={protocol|ALL|EGP|GRE|ICmp|OSPF|SA|TCP|UDP}
[LISt={list-name|RADius|MACRADIUS}] [other-options...]
reset firewall policy maccache
Syntax RESET FIREwall POLIcy=policy-name MACCACHE
set firewall policy
Syntax SET FIREwall POLIcy=policy-name [MACCACHETIMEOUT=max-age]
[RADIUSLIMIT=number] [other-options...]
where
max-age is a time period from 1 to 43200 minutes.
number is a decimal value in the range 1 to 500.