802.1x issue.

Answered Question
Oct 4th, 2007

I have a case that seems to be a bug:


In a cat2950 switch with 12.1(22)EA10 image I am seing working with 802.1x this:


If I am correctly authenticaded the PC goes to a normal Vlan, the production vlan but if the PC connected is not authenticated, the port is assigned to the Guest-Vlan. In this case sometimes appears the mac address in the mac-address-table and sometimes not.

The IOS 12.1.22(EA8)release notes has a solved caveat that talks about a similar case solved.



Correct Answer by wdrootz about 9 years 4 months ago

When an IEEE 802.1x-enabled interface has MAC authentication bypass (MAB) and guest VLAN enabled and the multiple-host mode configured, the switch no longer reloads if it receives traffic that is not an Extensible Authentication Protocol (EAP) frame and has a MAC address that is not in the MAB profile.

For more info:

http://www.cisco.com/en/US/docs/switches/blades/igesm/software/release/12.1_22_ea10/release/notes/43W7801.html#wp746349

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
wdrootz Wed, 10/10/2007 - 10:48

When an IEEE 802.1x-enabled interface has MAC authentication bypass (MAB) and guest VLAN enabled and the multiple-host mode configured, the switch no longer reloads if it receives traffic that is not an Extensible Authentication Protocol (EAP) frame and has a MAC address that is not in the MAB profile.

For more info:

http://www.cisco.com/en/US/docs/switches/blades/igesm/software/release/12.1_22_ea10/release/notes/43W7801.html#wp746349

jroldanvaldellos Tue, 10/16/2007 - 07:34

Thanks for this reply!

I?ve tested on 12.1.22 10 but not a version so let me update a switch and see if it get solved.


I?ll update you back ASAP.



jroldanvaldellos Thu, 10/18/2007 - 04:39

There you go! solved for 2950.

Do you know the same medicine for the 2960 series? if not I,ll look for it!!




Thanks

Actions

This Discussion