authentication-whitelist
Syntax
authentication-whitelist {
mac-address {
bridge-domain-assignment bridge-domain-assignment;
interface interface-name;
vlan-assignment ( vlan-id |vlan-name);
}
Hierarchy Level
[edit ethernet-switching-options]; [edit logical-systems name switch-options] [edit switch-options]
Description
Configure MAC addresses to exclude from RADIUS authentication. The authentication allowlist provides an authentication bypass mechanism for supplicants connecting to a port, permitting devices, such as printers, to be connected to the network without going through the authentication process.
Options
| mac-address | The MAC address of the device for which RADIUS authentication should be bypassed and the device permitted access to the port. |
| bridge-domain-assignment bridge-domain-assignment | (MX Series only) Specify the bridge-domain name or 802.1q tag identifier for the MAC address that should be allowed to bypass RADIUS authentication. |
| interface [interface-names] | Specify a list of interfaces on which the specified MAC addresses are allowed to bypass RADIUS authentication and allowed to connect to the LAN without authentication. |
| vlan-assignment (vlan-id | vlan-name | (EX, QFX, and SRX Series only) Specify the VLAN 802.1q tag identifier or name associated with the list of MAC addresses that should be allowed to bypass RADIUS authentication. |
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 10.1.
The [edit switch-options] hierarchy level was introduced
in Junos OS Release 13.2X50-D10 for EX Series switches (ELS).