This command is used to enable MAC Authentication Bypass (MAB) on an interface. MAB is a supplemental authentication mechanism that allows 802.1X unaware clients—such as printers, fax machines, and some IP phones—to authenticate to the network using the client MAC address as an identifier. However MAB can also be used to authenticate 802.1X aware clients.
This command also provides options to specify the type of authentication to be used, which can be either EAP-MD5, PAP, or CHAP. If enabled, EAP-MD5 is used by default.
| Default | Status: Disabled If enabled, the default authentication type is EAP-MD5. |
| Format | mab [auth-type {pap | eap-md5 | chap}] |
| Mode | Interface Config |
