Alcatel-Lucent omniaccess User Manual

Chapter 11

This section of the document shows how to  configure MAC-based 
authentication on the Alcatel switch using the WebUI..

Use MAC-based authentication to authenticate devices based on their 
physical MAC address. While not the most secure and scalable method, 
MAC-based authentication still implicitly provides an addition layer of security 
authentication devices. MAC-based authentication is often used to 
authenticate and allow network access through certain devices while denying 
access to the rest. For example, if users are allowed access to the network via 
station A, then one method of authenticating station A is MAC-based. Users 
may be required to authenticate themselves using other methods depending 
on the network privileges required.

MAC-based authentication can also be used to authenticate WiFi phones as 
an additional layer of security to avoid other devices from accessing the voice 
network using what  is normally an insecure SSID.

To enable  MAC-based authentication on the Alcatel Mobility Controller:

1. Before configuring MAC-based authentication on the switch, you must 
first  configure:

z

The role  that will be assigned as the default role for the MAC-based 
authenticated users. (

 for information on firewall policies to configure roles).  If deri-

vation rules exist or if the user configuration in the internal database 
has a role assignment, these values are  prioritized over this value.

z

The Authentication Server that  the switch uses to validate the users. 
The internal database can be used to configure the users for 
MAC-based authentication. See “Configuring Users” on page 135 for  
information on  configuring the users on the local database. For infor-
mation on configuring AAA servers, Refer to “Authentication Servers” 
on page 83.

2

Select the 

 tab. Navigate to the  

 page. 

z

 checkbox to enable authentication.