3com WX3000 Manuel D’Utilisation

 

1-2 

included depending on the format configured with the mac-authentication authmode 

usernameasmacaddress usernameformat command; otherwise, the authentication will fail. 

z 

If the username type is fixed username, you need to configure the fixed username and password 

on the device, which are used by the device to authenticate all users.  

The service type of a local user needs to be configured as lan-access. 

The following timers function in the process of MAC authentication: 

z 

Offline detect timer: At this interval, the device checks to see whether an online user has gone 

offline. Once detecting that a user becomes offline, the device sends a stop-accounting notice to 

the RADIUS server.  

z 

Quiet timer: Whenever a user fails MAC authentication, the device does not initiate any MAC 

authentication of the user during a period defined by this timer.  

z 

Server timeout timer: During authentication of a user, if the device receives no response from the 

RADIUS server in this period, it assumes that its connection to the RADIUS server has timed out 

and forbids the user from accessing the network.  

When a user fails MAC authentication, the MAC address becomes a quiet MAC address, which means 

that any packets from the MAC address will be discarded simply by the device until the quiet timer 

expires. This prevents an invalid user from being authenticated repeatedly in a short time. 

 

If the quiet MAC is the same as the static MAC configured or an authentication-passed MAC, then the 

quiet function is not effective. 

 

Follow these steps to configure basic MAC authentication functions: 

Enter system view 

— 

Enable MAC 
authentication 
globally 

Required 

Disabled by default