3com 4210 User Manual
19
MAC A
UTHENTICATION
C
ONFIGURATION
G
UIDE
Configuring MAC
Authentication
Authentication
MAC authentication provides a way for authenticating users based on ports and
MAC addresses, without requiring any client software to be installed on the hosts.
Once detecting a new MAC address, a switch with MAC authentication
configured will initiate the authentication process. During authentication, the user
does not need to enter any username and password manually.
MAC addresses, without requiring any client software to be installed on the hosts.
Once detecting a new MAC address, a switch with MAC authentication
configured will initiate the authentication process. During authentication, the user
does not need to enter any username and password manually.
MAC authentication can be implemented locally or by a RADIUS server.
After determining the authentication mode, you can select one of the following
username types as required:
username types as required:
■
MAC address, where the MAC address of a user serves as the username for
authentication (you can use the mac-authentication authmode
usernameasmacaddress usernameformat command to set the MAC
address format).
authentication (you can use the mac-authentication authmode
usernameasmacaddress usernameformat command to set the MAC
address format).
■
Fixed username, where the same username and password preconfigured on
the switch are used to authenticate all users. In addition, the number of
concurrent users is limited with this username type. This username type is not
recommended.
the switch are used to authenticate all users. In addition, the number of
concurrent users is limited with this username type. This username type is not
recommended.
Network Diagram
Figure 48 Network diagram for configuring local MAC authentication
Networking and
Configuration
Requirements
As illustrated in Figure 48, a supplicant is connected to the switch through port
Ethernet 1/0/2.
Ethernet 1/0/2.
■
MAC authentication is required on port Ethernet 1/0/2 to control user access to
the Internet.
the Internet.
■
All users belong to domain aabbcc.net. The authentication is performed
locally and the MAC address of the PC (00-0d-88-f6-44-c1) is used as both the
username and password.
locally and the MAC address of the PC (00-0d-88-f6-44-c1) is used as both the
username and password.
Applicable Products
IP network
Host
MAC: 00-0d-88-f6-44-c1
MAC: 00-0d-88-f6-44-c1
Switch
Eth1/0/2
Product series
Software version Hardware version
Switch 5500
Release V03.02.04
All versions
Switch 5500G
Release V03.02.04
All versions
Switch 4500
Release V03.03.00
All versions