Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?




Hierarchy Level


Configure MAC addresses to exclude from RADIUS authentication. The authentication allowlist provides an authentication bypass mechanism for supplicants connecting to a port, permitting devices, such as printers, to be connected to the network without going through the authentication process.



The MAC address of the device for which RADIUS authentication should be bypassed and the device permitted access to the port.

bridge-domain-assignment bridge-domain-assignment

(MX Series only) Specify the bridge-domain name or 802.1q tag identifier for the MAC address that should be allowed to bypass RADIUS authentication.

interface [interface-names]

Specify a list of interfaces on which the specified MAC addresses are allowed to bypass RADIUS authentication and allowed to connect to the LAN without authentication.

vlan-assignment (vlan-id | vlan-name

(EX, QFX, and SRX Series only) Specify the VLAN 802.1q tag identifier or name associated with the list of MAC addresses that should be allowed to bypass RADIUS authentication.

Required Privilege Level

routing—To view this statement in the configuration.

routing-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 10.1.

The [edit switch-options] hierarchy level was introduced in Junos OS Release 13.2X50-D10 for EX Series switches (ELS).