Using MAC pinning in User Roles

The switch allows to use MAC Pinning in a colorless way with local and downloadable user roles. This option allows the administrator to set up MAC Pinning irrespective of the device connection port, the MAC does not age until the device disconnects, or switch reboots. This feature is useful in IoT deployments where nonstandard devices remain silent after authentication. The administrator uses MAC Pinning to ensure that the devices are always reachable.

To enable MAC Pinning in User Roles, set the logoff-period to zero seconds instead of executing the mac-pin CLI. The following example shows the configuration of a printer user role by setting logoff-period to zero:

switch(config)# show user-role PRINTER
User Role Information
   Name                              : PRINTER
   Type                              : local
   Reauthentication Period (seconds) : 0
   Logoff Period (seconds)           : 0
   Untagged VLAN                     : 1
   Tagged VLAN                       :
   Captive Portal Profile            :
   Policy                            :
   Tunnelednode Server Redirect      : Disabled
   Secondary Role Name               :