You are here: Home > CLI Commands > Just_CLI_Topics > aaa authentication mac

aaa authentication mac

aaa authentication mac <profile>

case upper|lower

clone <profile>

delimiter {colon|dash|none}

max-authentication-failures <number>

no ...

reauthentication

timer reauth period {<ra-period>|server}

Description

This command configures the MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication profile.

Syntax

Parameter

Description

Range

Default

<profile>

Name that identifies an instance of the profile. The name must be 1-63 characters.

default

case

The case (upper or lower) used in the MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. string sent in the authentication request. If there is no delimiter configured, the MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address in lower case is sent in the format xxxxxxxxxxxx, while the MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address in upper case is sent in the format XXXXXXXXXXXX.

upper
lower

lower

clone <profile>

Name of an existing MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. profile from which parameter values are copied.

delimiter

Delimiter (colon, dash, none, oui-nic) used in the MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. string.

colon
dash
none

oui-nic

none

max-authentication-failures <number>

Number of times a client can fail to authenticate before it is blacklisted. A value of 0 disables blacklisting.

0-10

0 (disabled)

no

Negates any configured parameter.

reauthentication

Use this parameter to enable or disable reauthentication.

Disabled

timer reauth period
<ra-period>|server

<ra-period> specifies the period between reauthentication attempts in seconds. The server parameter specifies the server-provided reauthentication interval.

60-864000 seconds

86400 seconds (1 day)

Usage Guidelines

MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication profile configures authentication of devices based on their physical MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address. MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. -based authentication is often used to authenticate and allow network access through certain devices while denying access to all other devices. Users may be required to authenticate themselves using other methods, depending upon the network privileges.

Example

The following example configures a MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication profile to blacklist client devices that fail to authenticate.

(host) ^[md] (config) #aaa authentication mac mac-blacklist

(host) ^[md] (MAC Authentication Profile "mac-blacklist") #max-authentication-failures 3

Command History

Release

Modification

ArubaOS 8.0.0.0

Command introduced.

Command Information

Platforms

License

Command Mode

All platforms

Base operating system.

Config mode on Mobility Master.

/*]]>*/