MAC Authenication Bypass
Simply put this is where we use the MAC address to determine what type of network access to grant. This is typically used for hardware devices that can not support certificates. Example: Printer; VOIP Phone; NTP; BMS (Building Managment System); Temperature/Humidity; Security Cameras; Security Controllers
A sample switch config might look something like.
aaa new-model
aaa authentication dot1x default group radius
aaa authorization network default group radius
aaa accounting dot1x default start-stop group radius
!
mab
spanning-tree portfast
spanning-tree bpduguard enable
!
radius-server host 10.18.1.50 key cisco123