Help
FortiSwitch
FortiSwitch: secure, simple and scalable Ethernet solutions
zendodg
Staff
Staff

Created on ‎09-03-2024 09:37 AM Edited on ‎10-15-2024 10:35 PM By Community Manager

Article Id 338552

Technical Tip: How to modify MAC format for MAB on FortiSwitch

Description This article describes how to modify a MAC format that is sent to the RADIUS server when authenticating with a MAC-Authentication setup.
Scope FortiSwitch authenticates clients with MAB on FortiSwitch v7.4.1 and above.
Solution

By default, when authenticating on Fortiswitch with MAB, the MAC address is going to be sent to RADIUS in the format xx-xx-xx-xx-xx-xx (lowercase):

 

mab.PNG

 

To change the way FortiSwitches send MAC addresses of end devices to the RADIUS server, use the following commands:

 

config switch global

config port-security

set mac-username-delimiter  [ hyphen / single-hyphen / colon / none }

set mac-password-delimiter [ hyphen / single-hyphen / colon / none ]

set mac-case [ uppercase / *lowercase ]

end

end

 

In this example, the MAC format is going to change from xx-xx-xx-xx-xx-xx to XX:XX:XX:XX:XX:XX.

 

config switch global

config port-security

set mac-case uppercase

set mac-password-delimiter colon

set mac-username-delimiter colon

end

end

 

endmab.PNG

 

Caller station ID can be modified in the same way that MAC format with the next commands:

 

config switch global
    config port-security
        set mac-calling-station-delimiter { *hyphen | single-hyphen | colon | none }
        set mac-called-station-delimiter { *hyphen | single-hyphen | colon | none }
    end
end
297
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.