authentication-whitelist
Syntax
authentication-whitelist {
mac-address {
bridge-domain-assignment bridge-domain-assignment;
interface interface-name;
vlan-assignment ( vlan-id |vlan-name);
}
Hierarchy Level
[edit ethernet-switching-options];
[edit logical-systems name switch-options]
[edit switch-options]
Release Information
Statement introduced in Junos OS Release 10.1.
The [edit switch-options] hierarchy level was introduced in Junos OS Release 13.2X50-D10 for EX Series switches (ELS).
Description
Configure MAC addresses to exclude from RADIUS authentication. The authentication allowlist provides an authentication bypass mechanism for supplicants connecting to a port, permitting devices, such as printers, to be connected to the network without going through the authentication process.
Options
mac-address —The MAC address of the device for which RADIUS authentication
should be bypassed and the device permitted access to the port.
bridge-domain-assignment bridge-domain-assignment—(MX Series only) Specify the bridge-domain
name or 802.1q tag identifier for the MAC address that should be allowed
to bypass RADIUS authentication.
interface [interface-names]—Specify a list of interfaces on which
the specified MAC addresses are allowed to bypass RADIUS authentication
and allowed to connect to the LAN without authentication.
vlan-assignment (vlan-id | vlan-name—(EX,
QFX, and SRX Series only) Specify the VLAN 802.1q tag identifier or
name associated with the list of MAC addresses that should be allowed
to bypass RADIUS authentication.
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.