11.1.1 List of configuration commands
The following tables list the commands used to configure MAC authorization.
|
Command name |
Description |
|---|---|
|
aaa accounting mac-authentication default start-stop group radius |
Enables RADIUS accounting for MAC-based authentication. |
|
aaa authentication mac-authentication default group radius |
Specifies RADIUS as the authentication method for MAC-based authentication. |
|
mac-authentication auth-interval-timer |
Specifies the time that the switch waits before processing another authentication request from a MAC address that failed authentication. |
|
mac-authentication auto-logout |
Disables the functionality that clears the authentication status of a terminal when there has been no access from its MAC address for a length of time. |
|
mac-authentication dot1q-vlan force-authorized |
Exempts tagged frames from authentication when switchport mac dot1q vlan is configured for the MAC port. |
|
mac-authentication dynamic-vlan max-user |
Specifies the maximum number of MAC addresses that can be authenticated in dynamic VLAN mode. |
|
mac-authentication logging enable |
Enables logging of operation logs on the syslog server. |
|
mac-authentication max-timer |
Specifies the maximum connection time for MAC-based authentication users. |
|
mac-authentication password |
Specifies the password used when submitting requests to the RADIUS server. |
|
mac-authentication port |
Configures a port to perform MAC-based authentication. |
|
mac-authentication radius-server host |
Specifies the IP address and other information about the RADIUS server used in the MAC-based authentication process. |
|
mac-authentication static-vlan max-user |
Specifies the maximum number of authenticated MAC addresses permitted in fixed VLAN mode. |
|
mac-authentication system-auth-control |
Starts the MAC-based authentication daemon. |
|
mac-authentication vlan-check |
Specifies that MAC-based authentication use the VLAN ID in addition to the MAC address as credentials. |