Web and MAC Authentication
Operating Rules and Notes
Operating Rules and Notes■ You can configure one type of authentication on a port. That is, the following authentication types are mutually exclusive on a given port:
| • | Web Authentication |
| • | MAC Authentication |
| • | 802.1X |
| ■ Order of Precedence for Port Access Management (highest to lowest): | |
| • | MAC lockout |
| • MAC lockdown or Port Security | |
| • | |
|
| Authentication |
|
| |
Note on Port | When configuring a port for Web or MAC Authentication, be sure that a higher | |
Access | precedent port access management feature is not enabled on the port. For | |
Management | example, be sure that Port Security is disabled on a port before configuring it |
for Web or MAC Authentication. If Port Security is enabled on the port this misconfiguration does not allow Web or MAC Authentication to occur.
■ VLANs: If your LAN does not use multiple VLANs, then you do not need to configure VLAN assignments in your RADIUS server or consider using either Authorized or Unauthorized VLANs. If your LAN does use multiple VLANs, then some of the following factors may apply to your use of
•
• A port can belong to one, untagged VLAN during any client session. Where multiple authenticated clients may simultaneously use the same port, they must all be capable of operating on the same VLAN.
• During an authenticated client session, the following hierarchy determines a port’s VLAN membership:
1. If there is a