3com 5500-SI Manual Do Utilizador
408
C
HAPTER
21: 802.1
X
C
ONFIGURATION
Displaying and
Debugging Centralized
MAC Address
Authentication
After the above configuration, perform the
display
command in any view, you can
view the centralized MAC address authentication running state and check the
configuration result. Perform the
configuration result. Perform the
debugging
command in User View, you can debug
the centralized MAC address authentication.
Table 435 Displaying and Debugging Centralized MAC Address Authentication
Auto VLAN
Auto VLAN uses three return list attributes to dynamically assign VLAN(s) to a port as
the user logs in.
the user logs in.
Table 436 Auto VLAN
Before the VLAN is correctly received by the Switch 5500, you need to execute the
following command on the Switch 5500 to use standard private-group-ID:
following command on the Switch 5500 to use standard private-group-ID:
[5500-xx]private-group-id mode standard
Configuration Example
of Centralized MAC
Address Authentication
How to enable centralized MAC address authentication both on a port and globally,
and how to configure a local user are shown as follows. For other configurations, see
“802.1x Configuration Example”.
and how to configure a local user are shown as follows. For other configurations, see
“802.1x Configuration Example”.
The configurations of centralized MAC address authentication is similar to 802.1x,
their differences are:
their differences are:
1) Enabling centralized MAC address authentication both globally and on a port.
2) User name and password of the local authentication must be configured to the
MAC address of the user.
MAC address of the user.
3) User name and password on the RADIUS server must be configured to the MAC
address of the user.
address of the user.
The following example shows how to enabling centralized MAC address
authentication both on a port and globally, and the way of configuring local user are
shown as follows. For other configurations, see
authentication both on a port and globally, and the way of configuring local user are
shown as follows. For other configurations, see
1 Enable centralized MAC address authentication on port Ethernet 1/0/2.
[SW5500]mac-authentication interface Ethernet 1/0/2
Operation
Command
Display the global information of the
centralized MAC address authentication
centralized MAC address authentication
display mac-authentication [ interface
interface_list ]
interface_list ]
Enable the centralized MAC address
authentication debugging switch
authentication debugging switch
debugging mac-authentication event
Disable the centralized MAC address
authentication debugging switch
authentication debugging switch
undo debugging mac-authentication
event
event
Auto VLAN
Return String
Comment
Tunnel-Medium-type
802
Tunnel-Private-Group-ID
2
VLAN value
Tunnel-Type
VLAN