FAQ-S5700 switch MAC local authentication configuration

Publication Date:  2012-09-20 Views:  449 Downloads:  0
Issue Description
 Q: S5700 how to configure the MAC local authentication? 
Alarm Information
None
Handling Process
 A: MAC-based local authentication configuration is as follows:
[Quidway] mac-authen
[Quidway] mac-authen username macaddress format with-hyphen
[Quidway] aaa
[Quidway-aaa]
[Quidway-aaa] local-user f0de-f163-76d5 password simple f0de-f163-76d5
[Quidway] int ethe0/0/4
[Quidway-Ethernet0/0/4] mac-authen


When mac authentication fails, the switch does not learn the PC mac, view the authentication state is displayed as follows:
[Quidway] dis mac-authen int Ethernet 0/0/4
Ethernet0/0/4 state: UP. MAC address authentication is enabled
Maximum users: 256
Current users: 0
Authentication Success: 6, Failure: 18
Guest VLAN is disabled
Silent MAC info:
f0de-f163-76d5
1 silent mac address (es) found, 1 printed.


When MAC authentication pass, the switch learn the PC mac, view the authentication status is displayed as follows:
[Quidway] dis mac-authen int Ethernet 0/0/4
Ethernet0/0/4 state: UP. MAC address authentication is enabled
Maximum users: 256
Current users: 1
Authentication Success: 5, Failure: 17
Guest VLAN is disabled
Online user (s) info:
UserId MAC / VLAN AccessTime UserName
-------------------------------------------------- ----------------------------
37 f0de-f163-76d5 / 1 2008/01/01 00:37:08 f0de-f163-76d5
-------------------------------------------------- ----------------------------

Root Cause
None
Suggestions
 1 . If mac authentication is based on the user name and password, the configuration is as follows:
[Quidway] mac-authen
[Quidway] mac-authen username fixed cc pass cc
[Quidway] aaa
[Quidway-aaa]
[Quidway-aaa] local-user cc password simple cc
[Quidway] int ethe0/0/4
[Quidway-Ethernet0/0/4] mac-authen

2. The default user number of MAC authentication that supported on the port is 256, the whole device up to 1024.

END