11-08-2007 11:21 AM - edited 03-03-2019 05:45 AM
It appears that mac-auth-bypass was added in 12.1_22_ea9. But apparently only to 2940's?
Can anyone confirm this is not available in 2950's? And if so, why not?
11-08-2007 12:26 PM
Could it be just becuase they want you to upgrade to 2960's?
11-08-2007 01:59 PM
The release notes for 12.1(22)EA10 for the 2940, 2950 & 2955 have quite a bit on 802.1x MAC Authentication Bypass. I have a 2950-12T that runs the EI feature set that has 12.1(22)EA10a and I can confirm that 'dot1x mac-auth-bypass' is NOT available:
cat-2950(config-if)#dot1x ?
auth-fail----------Configure Authentication Fail values for this port
control-direction--set the control-direction value
default------------Configure Dot1x with default values for this port
guest-vlan---------Configure Guest-vlan on this interface
host-mode----------Set the Host mode for 802.1x on this interface
max-reauth-req-----Max No. of Retries to supplicant
max-req------------Max No. of Retries to Radius
port-control-------set the port-control value
reauthentication---Enable or Disable Reauthentication for this port
timeout------------Various Timeouts
cat-2950(config-if)#
In the release note it also states this isn't available on 2940 & 2950's (so I assume only 2955s?):
HTH
Andy
11-09-2007 06:01 AM
It's kinda funny how the notes for EA10 say
"Although the IEEE 802.1x inaccessible authentication bypass feature is mentioned in the Catalyst 2940 Switch Software Configuration Guide and the Catalyst 2950 Switch Software Configuration Guide, Catalyst 2950 and 2940 switches do not support this feature"
but the notes for EA9 say...
"These are the new software features in this release:
â¢Support for MAC authentication bypass to authorize clients based on the client MAC address (Catalyst 2940 switches)"
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide