Configuring MAC-Based Authentication

Before configuring MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. -based authentication, you must configure the following options:

The following section describes how to configure the MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network.  authentication profile:

Configuring the MAC Authentication Profile

The following procedure describes how to configure MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. -based authentication:

  1. In the Mobility Master node hierarchy, select a managed device.
  2. Navigate to the Configuration > Authentication > L2 Authentication tab.
  3. Click MAC Authentication.
  4. In the MAC Authentication Profile: New Profile window, click + to create a new profile.
  5. Enter a Profile name.
  6. Configure the parameters, as described in Table 1.
  7. Click Submit.
  8. Click Pending Changes.
  9. In the Pending Changes window, select the check box and click Deploy Changes.

The following table describes the parameters that you can configure for MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. -based authentication.

Table 1: MAC Authentication Profile Configuration Parameters

Parameter

Description

Profile name

Name of the MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication profile.

Delimiter

Delimiter used in the MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. string:

  • colon specifies the format XX:XX:XX:XX:XX:XX
  • dash specifies the format XX-XX-XX-XX-XX-XX
  • none specifies the format XXXXXXXXXXXX
  • oui-nic specifies the format XXXXXX-XXXXXX

Default: none

Case

The case (upper or lower) used in the MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. string.

Default: lower

Max Authentication failures

Number of times a station can fail to authenticate before it is blacklisted. A value of zero disables blacklisting.

Default: zero (0)

Reauthentication

Select the Reauthentication check box if you want to enable Reauthentication; Default: disable.

Reauthentication Interval

Time duration between reauthentication attempts. Configure a value in the range of 60–86,400. Reauthentication timer is configured in terms of seconds.

Use Server provided Reauthentication Interval

Select the Use Server provided Reauthentication Interval check box to use the interval provided by the server; Default: disable.

The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands configure a MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network.  authentication profile from the Mobility Master node:

(host)[mynode](config) #aaa authentication mac <profile>

(host) [mynode] (MAC Authentication Profile "profile") #case {lower|upper}

(host) [mynode] (MAC Authentication Profile "profile") #clone {default|<source>}

(host) [mynode] (MAC Authentication Profile "profile") #delimiter {colon|dash|none|oui-nic}

(host) [mynode] (MAC Authentication Profile "profile") #max-authentication-failures <max-authentication-failures-number>

(host) [mynode] (MAC Authentication Profile "profile") #reauthentication

(host) [mynode] (MAC Authentication Profile "profile") #timer reauth-period <reauth period>