Authorized Mac

The Authorized MAC ACL is used to only allow a user that has been authorized via 802.1x or MAB on the port. If the user fails authentication, they will be denied access to the port.   

EMS Authorized Mac Procedure   

1. Open a Panorama PON (EMS) session, click on the Profile icon button and the ACL tab.
2. Select the EMS ACL Create a new profile icon and name the ACL profile as AuthorizedMac-1.  
3. Click on the Create Rule buttonbutton and perform the following steps:
   
   

Step 1: Enter "Filter-1" in Rule Name: entry box:

Step 2: Select "Basic ACL" from the ACL Type: Dropdown

Step 3: Select "Permit "from the Action: Dropdown

Step 4: Select "Authorized Mac(s)" from the SourceMAC(s): dropdown

Step 5: Click on the Add button to add the MAC address and bit count to the Source Mac(s) window

Step 6: Select the MAC address entry in the Source Mac(s) window

Step 7: Enter "1" in the Max MAC(s) entry box

Step 8: Enter "xx" in the Max IPs Per MAC entry box

Step 9: Click on the Add buttonto add the Bound SRC IP(s) and bit count to the Bound SRC IP(s):  window

Step 10: Click on the Save button to save the rule profile

4. Click on the Apply button to add the ACL profile to the Profile Name window list.
5. After the Profile has been generated, the ACL status is displayed.  Click on the Close button to complete the ACL profile.

CLI ACL Authorized Mac Procedure 

1. Open a CLI session and create an AuthorizedMac ACL profile.

ESUx> profile acl create name=AuthorizedMac-1 <enter> 
success 
ESUx> _ 

1. From the ESUx> command line, input profile acl edit name=AuthorizedMac-1 rule number=1 sa=authorized max-macs=1, and press Enter.Output similar to the following is displayed:

   ESUx> profile acl edit name=AuthorizedMac-1 rule number=1 sa=authorized max-macs=1 <enter> success ESUx> _