NAC 4.1.3 OOB - multiple hosts on same port issue

Unanswered Question
Apr 23rd, 2008

In a NAC OOB environment, using Catalyst 3750s (IOS 12.2.25) with MAC notification, an end user can attach a switch or hub to their Cisco IP phone, be authenticated by NAC and then additional PCs can attach to the hub and gain access to the network. I have configured the port profile to remove existing OOB users on that port when a new MAC is detected, but all that happens is that the PC that was originally on the port reauthenticates to the CAM. Anyone seen this, or have a workaround?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
varnavsky Wed, 04/30/2008 - 07:01

yupe ))

very interesting behavior...

pc->ip-phone->switch port.

The user has authenticated and the pc is in the access vlan.

next, connect the second pc to the switch port.. and wow )))

the port begins to change vlans between access and authentication depending which of 2 pcs is the last to send its packet...

Nice job!!!

Any ideas? =)


This Discussion