Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
972
Views
0
Helpful
3
Replies

mac-auth-bypass on 2940's but not 2950's ???

acomiskey
Level 10
Level 10

‎11-08-2007 11:21 AM - edited ‎03-03-2019 05:45 AM

It appears that mac-auth-bypass was added in 12.1_22_ea9. But apparently only to 2940's?

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22_ea9/release/notes/OL11484.html#wp999558

Can anyone confirm this is not available in 2950's? And if so, why not?

Labels:
0 Helpful
3 Replies 3

acomiskey
Level 10
Level 10

‎11-08-2007 12:26 PM

Could it be just becuase they want you to upgrade to 2960's?

0 Helpful

andrew.butterworth
Level 7
Level 7

‎11-08-2007 01:59 PM

The release notes for 12.1(22)EA10 for the 2940, 2950 & 2955 have quite a bit on 802.1x MAC Authentication Bypass. I have a 2950-12T that runs the EI feature set that has 12.1(22)EA10a and I can confirm that 'dot1x mac-auth-bypass' is NOT available:

cat-2950(config-if)#dot1x ?

auth-fail----------Configure Authentication Fail values for this port

control-direction--set the control-direction value

default------------Configure Dot1x with default values for this port

guest-vlan---------Configure Guest-vlan on this interface

host-mode----------Set the Host mode for 802.1x on this interface

max-reauth-req-----Max No. of Retries to supplicant

max-req------------Max No. of Retries to Radius

port-control-------set the port-control value

reauthentication---Enable or Disable Reauthentication for this port

timeout------------Various Timeouts

cat-2950(config-if)#

In the release note it also states this isn't available on 2940 & 2950's (so I assume only 2955s?):

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22_ea10/release/notes/OL12607.html#wp1000257

HTH

Andy

0 Helpful

acomiskey
Level 10
Level 10
In response to andrew.butterworth

‎11-09-2007 06:01 AM

It's kinda funny how the notes for EA10 say

"Although the IEEE 802.1x inaccessible authentication bypass feature is mentioned in the Catalyst 2940 Switch Software Configuration Guide and the Catalyst 2950 Switch Software Configuration Guide, Catalyst 2950 and 2940 switches do not support this feature"

but the notes for EA9 say...

"These are the new software features in this release:

•Support for MAC authentication bypass to authorize clients based on the client MAC address (Catalyst 2940 switches)"

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22_ea9/release/notes/OL11484.html#wp999558

0 Helpful
Customers Also Viewed These Support Documents