mac-auth-bypass on 2940's but not 2950's ???

Unanswered Question
Nov 8th, 2007
User Badges:
  • Green, 3000 points or more

It appears that mac-auth-bypass was added in 12.1_22_ea9. But apparently only to 2940's?

Can anyone confirm this is not available in 2950's? And if so, why not?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
acomiskey Thu, 11/08/2007 - 12:26
User Badges:
  • Green, 3000 points or more

Could it be just becuase they want you to upgrade to 2960's?

andrew.butterworth Thu, 11/08/2007 - 13:59
User Badges:
  • Gold, 750 points or more

The release notes for 12.1(22)EA10 for the 2940, 2950 & 2955 have quite a bit on 802.1x MAC Authentication Bypass. I have a 2950-12T that runs the EI feature set that has 12.1(22)EA10a and I can confirm that 'dot1x mac-auth-bypass' is NOT available:

cat-2950(config-if)#dot1x ?

auth-fail----------Configure Authentication Fail values for this port

control-direction--set the control-direction value

default------------Configure Dot1x with default values for this port

guest-vlan---------Configure Guest-vlan on this interface

host-mode----------Set the Host mode for 802.1x on this interface

max-reauth-req-----Max No. of Retries to supplicant

max-req------------Max No. of Retries to Radius

port-control-------set the port-control value

reauthentication---Enable or Disable Reauthentication for this port

timeout------------Various Timeouts


In the release note it also states this isn't available on 2940 & 2950's (so I assume only 2955s?):



acomiskey Fri, 11/09/2007 - 06:01
User Badges:
  • Green, 3000 points or more

It's kinda funny how the notes for EA10 say

"Although the IEEE 802.1x inaccessible authentication bypass feature is mentioned in the Catalyst 2940 Switch Software Configuration Guide and the Catalyst 2950 Switch Software Configuration Guide, Catalyst 2950 and 2940 switches do not support this feature"

but the notes for EA9 say...

"These are the new software features in this release:

•Support for MAC authentication bypass to authorize clients based on the client MAC address (Catalyst 2940 switches)"


This Discussion