MAC based authentication for WIRED users

Unanswered Question
Jul 17th, 2008


I want to achieve mac based authentication for wired users so that any non-registered mac address can be moved to a different zone from where only http access will be provided, rest all access will be blocked. Once his MAC address is entered into the database, he will be able to access the resources.

I do have 2960 switches, 4500 switches & ACS.

Is this achieveable?? If so please guide me with config script

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
acharyr123 Mon, 07/21/2008 - 00:49


Can Cisco 2960/2950/3560 switch become 802.1x supplicant??

I am unable to configure mac-auth-bypass on 2960/2950/3560 switch. But in 4507R it is happening. Does it mean this option is available only with 4500!!

acomiskey Mon, 07/21/2008 - 04:49

2960 and 3560 support it. Check your IOS, you may need a newer version to support it.

It is not supported on 2950.

acomiskey Wed, 07/23/2008 - 07:53

I don't think you need those authentication settings on the client machine, as mac auth bypass is really for devices which do not support 802.1x. Make sure you added username/password as the mac address, all lower case.


This Discussion