No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


CLI-based Configuration Guide - Security

AR500, AR510, and AR530 V200R007

This document describes the configurations of Security, including AAA, DAA,NAC, BRAS Access, ACL, Firewall, Deep Security Defense, Local Attack Defense;Attack Defense, Traffic Suppression, ARP Security, Port Security, DHCP Snooping, IPSG, URPF, PKI, SSL, HTTPS, Keychain, separating the management plane from the service plane, security risks.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
MAC Address Authentication

MAC Address Authentication

As shown in Figure 3-11, user terminals' network access needs to be controlled to ensure network security. Only authenticated users are allowed to access network resources authorized by the administrator.

Figure 3-11  Typical application of MAC address authentication

The 802.1x client cannot be installed on printers. In this case, enable MAC address authentication on interface1 connected to the printer. After that, the access device uses the printer's MAC address as the user name and password, and reports the MAC address to the authentication server for authentication. If the authentication succeeds, the access device sets the interface connected to the printer to the Up state and allows the printer to access the network. If the authentication fails, the access device rejects the printer's access request.


Apart from MAC address authentication, terminals with simple functions that cannot install the 802.1x client software and do not require high security (such as printers) can also be authenticated using 802.1x MAC address bypass authentication.

Updated: 2019-05-25

Document ID: EDOC1000097287

Views: 13799

Downloads: 40

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next