Manualshelf

Specifications

ManualsBrandsEnterasys ManualsComputer equipmentMatrix E1 1H582-51
751752753754755756757758759760
Security Configuration Command Set
Configuring MAC Authentication
14-32 Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide
14.3.3 Configuring MAC Authentication
Purpose
To review, disable, enable and configure MAC authentication. This allows the device to
authenticate source MAC addresses in an exchange with an authentication server. The authenticator
(switch) selects a source MAC seen on a MAC-authentication enabled port and submits it to a
backend client for authentication. The backend client uses the MAC address stored password, if
required, as credentials for an authentication attempt. If accepted, a string representing an access
policy may be returned. If present, the switch applies the associated policy rules. For an overview
on working with MAC authentication, refer to Section 14.4.2.
Commands
The commands needed to review, enable, disable, and configure MAC authentication are listed
below and described in the associated section as shown:
show macauthentication (Section 14.3.3.1)
show macauthentication session (Section 14.3.3.2)
set macauthentication (Section 14.3.3.3)
set macauthentication password (Section 14.3.3.4)
set macauthentication port (Section 14.3.3.5)
set macauthentication portinitialize (Section 14.3.3.6)
set macauthentication macinitialize (Section 14.3.3.7)
set macauthentication reauthentication (Section 14.3.3.8)
set macauthentication portreauthenticate (Section 14.3.3.9)
set macauthentication macreauthenticate (Section 14.3.3.10)
NOTES: When both 802.1X (EAPOL) and MAC authentication are enabled on the
same Matrix E1 device, the switch enforces a precedence relationship between MAC
authentication and 802.1X methods. For more information on these precedence rules,
refer to Section 14.4.3.2.
The Matrix E1 MAC authentication commands have no direct interdependencies with
the MAC locking commands described in Section 14.3.4. When a frame arrives at a
port, the Matrix E1 device runs the MAC locking algorithm first. If the frame passes the
MAC lock (i.e., it is not in violation), then the frame is eligible for authentication.