DWS-3160 Series Gigabit Ethernet Unified Switch CLI Reference Guide
428
If the port authorize mode is port based mode, when the port has been moved to the authorized
VLAN, the subsequent users will not be authenticated again. They will operate in the current
authorized VLAN.
If the port authorize mode is host based mode, then each user will be authorized individually and
be capable of getting its own assigned VLAN.
If port’s block time is set to” infinite”, it means that a failed authentication client will never be
blocked. Block time will be set to “0”.
Format
config mac_based_access_control ports [<portlist> | all] {state [enable | disable] | mode
[port_based | host_based] | aging_time [infinite | <min 1-1440>] | block_time <sec 0-300> |
max_users [<value 1-1000> | no_limit]}(1)
Parameters
ports
- Specifies a range of ports for configuring the MAC-based Access Control function
parameters.
<portlist>
- Enter the list of port used for this configuration here.
all
- Specifies all existed ports of Switch for configuring the MAC-based Access Control
function parameters.
state
- (Optional) Specifies whether the port’s MAC-based Access Control function is enabled or
disabled.
enable
- Specifies that the port's MAC-based Access Control states will be enabled.
disable
- Specifies that the port's MAC-based Access Control states will be disabled.
mode
- (Optional) Specifies the MAC-based access control port mode used.
port_based
- Specifies that the MAC-based access control port mode will be set to port-
based.
host_based
- Specifies that the MAC-based access control port mode will be set to host-
based.
aging_time
- (Optional) A time period during which an authenticated host will be kept in an
authenticated state. When the aging time has timed-out, the host will be moved back to
unauthenticated state.
infinite
- If the aging time is set to infinite, it means that authorized clients will not be aged out
automatically.
<min 1-1440>
- Enter the aging time value here. This value must be between 1 and 1440
minutes.
block_time
- (Optional) If a host fails to pass the authentication, the next authentication will not
start within the block time unless the user clears the entry state manually. If the block time is
set to 0, it means do not block the client that failed authentication.
<sec 0-300>
-Enter the block time value here. This value must be between 0 and 300
seconds.
max_users
- (Optional) Specifies maximum number of users per port.
<value 1-1000>
- Enter the maximum number of users per port here. This value must be
between 1 and 1000.
no_limit
- Specifies to not limit the maximum number of users on the port. The default value is
128.
Restrictions
Only Administrators, Operators and Power-Users can issue this command.