mac-auth

bridge

Enables source MAC authentication for Extended VLAN and tunneled traffic (MiNT and L2TPv3) on this bridge VLAN. When enabled, it provides fast path authentications of clients, whose captive portal session has expired.

Supported in the following platforms:

Syntax

mac-auth {attempts <1-5>|throttle <0-255>}

Parameters

mac-auth {attempts <1-5>|throttle <0-255>}]
mac-auth Enables MAC Authentication
attempts <1-5> Optional. Configures the maximum number of retries allowed for MAC authentication requests.
  • <1-5> – Specify the maximum allowed authentication retries from 1 - 5. The default is 3.
throttle <0-255> Optional. Configures the throttle value for MAC authentication requests
  • <0-255> – Specify the MAC authentication request throttle value from 0 -255. The default is 64.

Usage Guidelines : Applying AAA Policy for MAC Authentication

To enable MAC authentication,

Usage Guidelines: Enabling Fall-back Captive Portal Authentication

To enable fall-back captive-portal authentication on the bridge VLAN,

Example

nx9500-6C8809(config-profile testNX9000-bridge-vlan-20)#mac-auth attempts 2

nx9500-6C8809(config-profile testNX9000-bridge-vlan-20)#mac-auth throttle 80

nx9500-6C8809(config-profile testNX9000-bridge-vlan-20)#show context
 bridge vlan 20
  mac-auth attempts 2
  mac-auth throttle 80
  ip igmp snooping
  ip igmp snooping querier
  ipv6 mld snooping
  ipv6 mld snooping querier
nx9500-6C8809(config-profile testNX9000-bridge-vlan-20)#

Related Commands

no Disables MAC authentication for Extended VLAN and Tunneled traffic on this bridge VLAN
9037762-04 Rev AA