Security

Using the CLI to Configure Local MAC Authentication

Use the mac‐authentication server command from the Interface Wireless or Interface Wireless: VAP configuration modes to enable local MAC authentication. Set the default behavior (allow or deny) for all unknown MAC addresses using the mac‐access permission command. Use the mac‐ access entry command to update the local table by entering, changing and removing MAC addresses.

Examples

RoamAbout 4102#configure

Enter configuration commands, one per line. End with CTRL/Z RoamAbout 4102(config)#interface wireless g

Enter Wireless configuration commands, one per line.

RoamAbout 4102(if-wireless g)#mac-access entry 00-01-f4-88-b3-d6 allowed RoamAbout 4102(if-wireless g)#

RoamAbout 4102(if-wireless g)#mac-access entry 00-01-f4-88-b3-d6 denied

This MAC address 00-01-f4-cc-99-1a filter permission status has been changed !! RoamAbout 4102(if-wireless g)#

RoamAbout 4102(if-wireless g)# mac-access entry 00-01-f4-88-b3-d6 delete RoamAbout 4102(if-wireless g)#vap 4

RoamAbout 4102(if-wireless g: VAP[4])#mac-access entry 00-00-11-22-33-44 allowed

RoamAbout 4102(if-wireless g: VAP[4])#end RoamAbout 4102(if-wireless g)#

To display the current settings, use the show authentication command from the Executive mode.

RoamAbout 4102#show authentication

 

802.11a Authentication Server Information

Default Local MAC

VAP AuthMode SessionTimeout Password

============================================================================

Default

LOCAL

0

min

*****

ALLOWED

1

LOCAL

0

min

*****

ALLOWED

2

LOCAL

0

min

*****

ALLOWED

3

LOCAL

2

min

*****

ALLOWED

4

LOCAL

0

min

*****

ALLOWED

5

LOCAL

0

min

*****

ALLOWED

6

LOCAL

0

min

*****

ALLOWED

7

LOCAL

0

min

*****

ALLOWED

802.11b/g Authentication Server Information

Default Local MAC

VAP AuthMode SessionTimeout Password

============================================================================

Default

LOCAL

0

min

NOPASSWORD

ALLOWED

1

LOCAL

0

min

NOPASSWORD

ALLOWED

2

LOCAL

0

min

NOPASSWORD

ALLOWED

3

LOCAL

0

min

NOPASSWORD

ALLOWED

4

LOCAL

0

min

NOPASSWORD

ALLOWED

5

LOCAL

0

min

NOPASSWORD

ALLOWED

6

LOCAL

0

min

NOPASSWORD

ALLOWED

7

LOCAL

0

min

NOPASSWORD

ALLOWED

802.1x Supplicant Information

============================================================================

802.1x

supplicant

:

DISABLED

802.1x

supplicant user

:

EMPTY

802.1x

supplicant password :

EMPTY

MAC Address Filter Status List in SSID

RoamAbout RBT-4102 Wireless Access Point Configuration Guide 4-89

Page 125
Image 125
Enterasys Networks RBT-4102 manual Using the CLI to Configure Local MAC Authentication, Nopassword Allowed Local, Empty