How to configure EPA with one-to-one correspondence between usernames and mac addresses

How to configure EPA with one-to-one correspondence between usernames and mac addresses

How to configure EPA with one-to-one correspondence between usernames and mac addresses

book

Article ID: CTX472831

calendar_today

Updated On:

Description

This article address a configuration sample to configure EPA with one-to-one correspondence between usernames and mac addresses

Instructions

Add mac address to AD user attribute "description"

Configure LDAP server: set attribute 2 to description

Configure advanced expression: add policy expression macExpr "AAA.LOGIN.CLIENT_MAC_ADDR.EQ(AAA.USER.ATTRIBUTE(2))"
Configure EPA action and policy:
- add authentication epaAction mac -csecexpr "sys.client_expr(\"mac-addr_0_macExpr\")"
- add authentication Policy epa_mac_pol -rule true -action mac
Bind it to AAA VS

Was this article helpful?

thumb_up Yes

thumb_down No