To configure a MAC address authentication server
- Go to Authentication > Author. Servers.
- Specify a name to identify the server instance.
- To create a new MAC address authentication server instance on the IC Series device, select MAC Address Authentication from the New list and click New Server.
- Perform one of the following:
- Enter MAC address entries in the MAC Address field in the 00:11:85:bb:8c:66 format, select Allow or Deny, and click Add. To enter wildcards, use the 00:11:22*:*:* format (a single asterisk represents two characters).
- In the Attributes field, enter a value pair to associate the MAC address with a particular group or organization. For example, dept=eng indicates that this MAC address belongs to engineering. When creating the MAC Address Realm, you can create a custom expression to assign the MAC address to a specific role.
- In the Attributes field, enter attributes to associate with a particular MAC address entry, Create the MAC address entry in the 00:01:e3:*:*:* format and associate the attribute. For example, GROUP = IP-PHONE.
- Click Save Changes.
- After configuring the MAC address authentication server, you must add the server Instance to a MAC address realm.
Creating a MAC Address Realm and Configuring Role Mapping Rules
- Create MAC address realms, which reference the authentication server, by going to UAC > MAC Address Realms.
- Create a role mapping, which is based on the custom expression. For example, userAttr.GROUP = `IP-PHONE`.
- Create location groups, which reference the realms, by going to UAC > Network Access Location Groups.