Installation guide
General Security Measures
4-145
4
network-access aging
Use this command to enable aging for authenticated MAC addresses stored in the
secure MAC address table. Use the no form of this command to disable address
aging.
Syntax
[no] network-access aging
Default Setting
Disabled
Command Mode
Global Configuration
Command Usage
• Authenticated MAC addresses are stored as dynamic entries in the switch’s
secure MAC address table and are removed when the aging time expires. The
address aging time is determined by the mac-address-table aging-time
command (page 4-217).
• The maximum number of secure MAC addresses supported for the switch
system is 1024.
Example
network-access
dynamic-vlan
Enables dynamic VLAN assignment from a RADIUS
server
IC 4-147
network-access guest-vlan Specifies the guest VLAN IC 4-148
mac-authentication
reauth-time
Sets the time period after which a connected MAC
address must be re-authenticated
GC 4-149
mac-authentication
intrusion-action
Determines the port response when a connected host fails
MAC authentication.
IC 4-149
mac-authentication
max-mac-count
Sets a maximum for mac-authentication authenticated
MAC addresses on an interface
IC 4-150
clear network-access Clears authenticated MAC addresses from the address
table
PE 4-150
show network-access Displays the MAC authentication settings for port
interfaces
PE 4-151
show network-access
mac-address-table
Displays information for entries in the secure MAC
address table
PE 4-151
Console(config-if)#network-access mode mac-authentication
Console(config-if)#
Table 4-43 Network Access (Continued)
Command Function Mode Page