03-15-2007 09:25 AM - edited 03-10-2019 03:02 PM
I'm configuring Agentless Authentication based om MAC addresses sendt from the access switch using MAB (MAC Authent. Bypass). I got it up and running, but with just one MAC address configured in the Authentication rule. When I try to configure more than one address in the rule, I get an error saying this is not a MAC address. How do you separate the MAC entries in the same Authentication rule. The doc says you can configure 10.000 addresses in one rule.
03-21-2007 08:54 AM
The ACS can authenticate MAC addresses sent from an AP/Switch. A properly configured AP/Switch will attempt to authenticate a MAC address using Secure-PAP authentication with the ACS. The MAC addresses are entered into the ACS as users, with the username and password being the MAC address.
1. From the ACS main menu, click on the USER SETUP button.
2. In the USER text box, type the MAC address to add to the user database. Use no dashes, periods,
or any other delimiter.
At the USER SETUP screen, enter the MAC address in the SECURE-PAP PASSWORD text box.
3.Click the SUBMIT button.
Adding the AP/Switch to the ACS server
1. From the ACS main menu click on the NETWORK CONFIGURATION button.
2. Click on the ADD ENTRY button.
3. Configure the DNS name of the AP, the IP address of the AP, the RADIUS shared secret and the
Authentication method.
4. Make sure to select RADIUS (Cisco Aironet) in the AUTHENTICATE USING drop down menu.
5. To complete, click the SUBMIT+RESTART button.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide