Manualshelf

CLI Reference Guide-R04

ManualsBrandsEdgecore Networks ManualsFixed Broadband AccessENHANCED TEMPERATURE L2+ GIGABIT ETHERNET ACCESS / AGGREGATION SWITCH WITH 4 X 10G UPLINKS
301302303304305306307308309310
Table Of Contents
Chapter 9
| General Security Measures
Network Access (MAC Address Authentication)
– 304 –
Console#show port security interface ethernet 1/2
Global Port Security Parameters
Secure MAC Aging Mode : Disabled
Port Security Details
Port : 1/2
Port Security : Enabled
Port Status : Secure/Up
Intrusion Action : None
Max MAC Count : 0
Current MAC Count : 0
MAC Filter : Disabled
Last Intrusion MAC : NA
Last Time Detected Intrusion MAC : NA
Console#
This example shows information about a detected intrusion.
Console#show port security interface ethernet 1/2
Global Port Security Parameters
Secure MAC Aging Mode : Disabled
Port Security Details
Port : 1/2
Port Security : Enabled
Port Status : Secure/Up
Intrusion Action : None
Max MAC Count : 0
Current MAC Count : 0
MAC Filter : Enabled
Last Intrusion MAC : 00-10-22-00-00-01
Last Time Detected Intrusion MAC : 2010/7/29 15:13:03
Console#
Network Access (MAC Address Authentication)
Network Access authentication controls access to the network by authenticating
the MAC address of each host that attempts to connect to a switch port. Traffic
received from a specific MAC address is forwarded by the switch only if the source
MAC address is successfully authenticated by a central RADIUS server. While
authentication for a MAC address is in progress, all traffic is blocked until
authentication is completed. Once successfully authenticated, the RADIUS server
may optionally assign VLAN and QoS settings for the switch port.
Table 55: Network Access Commands
Command Function Mode
network-access aging Enables MAC address aging GC
network-access mac-filter Adds a MAC address to a filter table GC
mac-authentication reauth-time Sets the time period after which a connected MAC
address must be re-authenticated
GC