Configuring Static MAC Bypass of Authentication on MX Series Routers in Enhanced LAN Mode
You can configure a static MAC bypass list (sometimes called the exclusion list) on the switch to specify MAC addresses of devices allowed access to the LAN without 802.1X or MAC RADIUS authentication requests to the RADIUS server.
To configure the static MAC bypass list:
Specify a MAC address to bypass authentication:
[edit protocols authentication-access-control] user@router# set static 00:04:0f:fd:ac:fe
Configure a supplicant to bypass authentication if connected through a particular interface:
[edit protocols authentication-access-control] user@router# set static 00:04:0f:fd:ac:fe interface ge-0/0/5
You can configure a supplicant to be moved to a specific VLAN after it is authenticated:
[edit protocols authentication-access-control] user@router# set static 00:04:0f:fd:ac:fe interface ge-0/0/5 vlan-assignment default-vlan