Configuring a MAC authentication guest VSI

Restrictions and guidelines

The MAC authentication guest VSI feature has higher priority than the quiet feature of MAC authentication. When a user fails MAC authentication, the user can access the resources in the guest VSI. The user's MAC address is not marked as a silent MAC address.

You can configure only one MAC authentication guest VSI on a port. The MAC authentication guest VSIs on different ports can be different.

Prerequisites

Before you configure the MAC authentication guest VSI on a port, complete the following tasks:

For more information, see VXLAN Configuration Guide.

Procedure

  1. Enter system view.

    system-view

  2. Enter interface view.

    interface interface-type interface-number

  3. Specify the MAC authentication guest VSI on the port.

    mac-authentication guest-vsi guest-vsi-name

    By default, no MAC authentication guest VSI exists on a port.

  4. (Optional.) Set the authentication interval for users in the MAC authentication guest VSI.

    mac-authentication guest-vsi auth-period period-value

    The default setting is 30 seconds.