FAQ: How Is MAC Address Authentication Configured on the S5700?

Publication Date:  2013-12-31 Views:  196 Downloads:  0
Issue Description
Version: V100R005C01SPC100
Question: How is MAC address authentication configured on the S5700?
Alarm Information
None
Handling Process
Answer: Local MAC address authentication can be configured as follows:
[Quidway]mac-authen         
[Quidway]mac-authen username macaddress format with-hyphen
[Quidway]aaa
[Quidway-aaa]
[Quidway-aaa]local-user f0de-f163-76d5 password simple f0de-f163-76d5
[Quidway]int ethe0/0/4
[Quidway-Ethernet0/0/4]mac-authen

When MAC address authentication fails, the switch does not learn the PC's MAC address. View the authentication status.
[Quidway]display mac-authen int Ethernet 0/0/4
Ethernet0/0/4 state: UP.  MAC address authentication is enabled
  Maximum users: 256
  Current users: 0     
  Authentication Success: 6, Failure: 18
  Guest VLAN is disabled
  Silent MAC info:
    f0de-f163-76d5
  1 silent mac address(es) found, 1 printed.

When MAC address authentication succeeds, the switch learns the PC's MAC address. View the authentication status.
[Quidway]display mac-authen int Ethernet 0/0/4
Ethernet0/0/4 state: UP.  MAC address authentication is enabled
  Maximum users: 256
  Current users: 1     
  Authentication Success: 5, Failure: 17
  Guest VLAN is disabled
Online user(s) info:
UserId   MAC/VLAN            AccessTime              UserName
------------------------------------------------------------------------------
37       f0de-f163-76d5/1    2008/01/01 00:37:08     f0de-f163-76d5         
------------------------------------------------------------------------------
Root Cause
None
Suggestions
1. If MAC address authentication uses the user name and password, the configuration is as follows:
[Quidway]mac-authen         
[Quidway]mac-authen username fixed cc pass cc
[Quidway]aaa
[Quidway-aaa]
[Quidway-aaa]local-user cc password simple cc
[Quidway]int ethe0/0/4
[Quidway-Ethernet0/0/4]mac-authen
2. By default, the number of MAC address authentication users supported by a port is 256, and that supported by a switch is 1024.

END