Behaviors and Restrictions

1. For MAB authentication mechanism, the switch will transmit an Access-Request message with the host source MAC address as user and password. In the RADIUS server configuration, the format of the MAC address should be 12 hexadecimal digits, all lowercase and no punctuation.
2. If the host source MAC address is saved as a Static MAC in MAC Address Table, the MAC address will not be progressed during MAB process.
3. Switch can handle 10 different MAB requests at the same time per port for authentication.
4. In hybrid_mode, the host will be authenticated with EAP by default. If the host does not support EAP, it will fall back to MAB authentication mode.
5. In MAC-based mode, traffic from hosts not allowed for authentication will be dropped.
6. Before configuring MAC-based authentication mode, this port must be set to 802.1X Mode Auto. (MAC-Based mode can only be enabled when 802.1X port-control is auto.)
7. Each host is authenticated separately when using MAC-based authentication mode.
8. Guest VLAN and RADIUS VLAN assignment have no effect in MAC-based mode. (MAC-Based mode can only be enabled when 802.1x Guest VLAN and RADIUS VLAN assignment are disabled.)
9. In MAC-based mode, host information will be cleared after configuring the max host number. Hosts that have passed authentication will have to be authenticated again.
10. Host information will be cleared after authentication mode, link status or MAB mode has changed.
11. MAC Based mode does not support MAB hybrid mode.(MAC-Based mode can only be enabled when 802.1x MAB is mab_mode or disabled.)
12. Max host count is only effective when using MAC-based authentication mode.