04-23-2008 07:37 AM - edited 02-21-2020 01:59 AM
In a NAC OOB environment, using Catalyst 3750s (IOS 12.2.25) with MAC notification, an end user can attach a switch or hub to their Cisco IP phone, be authenticated by NAC and then additional PCs can attach to the hub and gain access to the network. I have configured the port profile to remove existing OOB users on that port when a new MAC is detected, but all that happens is that the PC that was originally on the port reauthenticates to the CAM. Anyone seen this, or have a workaround?
04-23-2008 08:06 AM
only workaround I found is port security.
04-30-2008 07:01 AM
yupe ))
very interesting behavior...
pc->ip-phone->switch port.
The user has authenticated and the pc is in the access vlan.
next, connect the second pc to the switch port.. and wow )))
the port begins to change vlans between access and authentication depending which of 2 pcs is the last to send its packet...
Nice job!!!
Any ideas? =)
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: