Manualshelf

Product manual

ManualsBrandsProCurve ManualsComputer equipment8212zl
31323334353637383940
o <primary-method> - Species the primary authentication
method for access control. Use <TAB>
or <?> after you specify enable or login
to get a list of all available
primary authentication methods.
o <backup-method> - Species an authentication method
to use, if the primary authentication
method is not able to check user's
credentials.
Use <TAB> or <?> after you specify the
primary authentication method to get a list
of all available backup methods.
Next Available Option:
primary < chap-radius | peap-mschapv2 > -- Specify the primary authentication method for
access control.(p. 43)
aaa port-access mac-based
Usage: [no] aaa port-access mac-based
addr-format <no-delimiter | single-dash | multi-dash |
multi-colon | no-delimiter-uppercase | single-dash-uppercase |
multi-dash-uppercase | multi-colon-uppercase>
[no] aaa port-access mac-based [ethernet] PORT-LIST
[addr-limit <1-32> | addr-moves | quiet-period <1-65535> |
server-timeout <1-300> | max-requests <1-10> |
logoff-period <1-9999999> | reauth-period <0-9999999>
auth-vid VLAN-ID | unauth-vid VLAN-ID |
reauthenticate]
Description: Congure MAC address based network authentication
on the device or the device's port(s).
The rst form of the command sets the
MAC address format which is common to all ports
The second form of the command enables, disables, or
congures authentication on the device's individual ports.
o 'addr-format' sets the MAC address format to be used in the
RADIUS request message (default no-delimiter).
o 'addr-limit' sets the maximum number of MAC addresses to
allow on the port. This includes ALL addresses (authenticated
and unauthenticated). The default is 1 MAC address.
NOTE: No more than 32 unique client MAC addresses can be
authorized by both 802.1X and MAC/web-based
authentication together on the same port.
o 'addr-moves' sets whether the MAC address can move
between ports that also have 'addr-moves' enabled
(default disabled - no moves allowed).
o 'quiet-period' sets the period of time during which the
switch does not try to authenticate after a failed
authentication attempt (default 60 seconds).
37© 2008 Hewlett-Packard Development Company, L.P.
aaaCommand Line Interface Reference Guide