Login
- Table of Contents
-
- 06-Network
- 01-Scanner
- 02-VRF
- 03-Interface
- 04-Interface pairs
- 05-Interface collaboration
- 06-Security zones
- 07-VLAN
- 08-MAC
- 09-DNS
- 10-ARP
- 11-ND
- 12-Forwarding advanced settings
- 13-Routing table
- 14-Static routing
- 15-Policy-based routing
- 16-OSPF
- 17-RIP
- 18-HTTP
- 19-SSH
- 20-NTP
- 21-FTP
- 22-Telnet
- 23-MAC authentication
- 24-MAC address whitelist
- 25-MAC access silent MAC info
- 26-MAC access advanced settings
- 27-IP authentication
- 28-IPv4 whitelist
- 29-IPv6 whitelist
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 26-MAC access advanced settings | 20.53 KB |
MAC access advanced settings
Introduction
User account formats
MAC authentication supports the following user account formats:
· Shared user account—You can specify one username and password to be shared by all MAC authentication users on the device. The username and password can be any valid strings, including MAC addresses.
· MAC-based user account—The MAC address of each user is used by the device as the username and password for MAC authentication.
Authentication ISP domain
To implement different access policies for users, you can specify authentication ISP domains that have different access policies for MAC authentication users.
Offline detect timer
This timer sets the interval that the device must wait for traffic from a user before the device determines that the user is idle. If the device has not received traffic from a user before the timer expires, the device logs off that user and requests the accounting server to stop accounting for the user.
Quiet timer
This timer sets the interval that the device must wait before the device can perform MAC authentication for a user that has failed MAC authentication. All packets from the MAC address are dropped during the quiet time. This quiet mechanism prevents repeated authentication from affecting system performance.
Server timeout timer
This timer sets the interval that the device waits for a response from a RADIUS server before the device determines that the RADIUS server is unavailable. If the timer expires during MAC authentication, the user fails MAC authentication.
