ACL assignment
You can specify an authorization ACL in the user account for a MAC authentication user to control the user's access to network resources. After the user passes MAC authentication, the authentication server (local or remote) assigns the authorization ACL to the access port of the user. The ACL will filter traffic for this user. You must configure ACL rules for the authorization ACL on the access device for the ACL assignment feature.
To ensure a successful ACL assignment, make sure the ACL does not contain rules that match source MAC addresses.
To change the access control criteria for the user, you can use one of the following methods:
Modify ACL rules on the access device.
Specify another authorization ACL on the authentication server.
For more information about ACLs, see ACL and QoS Configuration Guide.