07-22-2008 07:24 PM - edited 02-21-2020 10:21 AM
Hi,
I tried to configure MAC authentication for registed users by ACS. But failed. Need help.
07-23-2008 05:49 AM
If you want to authenticate via the devices MAC address, then you need to disable 802.1X on the PC (which you have enabled for 802.1X with EAP-MD5 as the selected method).
Depends on what you need to achieve,
Hope this helps,
07-23-2008 09:20 AM
ok ok..i got ur point....please correct me the config steps:
1. Added switch as aaa client into acs
2. entered machine mac address into acs user-setup as both usename & password.
3. in 64,65 & 81 (in bother group & user setup) choosed 64=vlan; 65=802; 81=authenticated_vlan_id
4. in switch
aaa new-model
aaa authentication dot1x default group radius
radius-server host acs_ip auth-port 1645 acct-port 1646 key ****
dot1x system-auth-control
int fa0/1
switchport mode access
dot1x mac-auth-bypass
dot1x port-control auto
dot1x reauthentication
dot1x pae authenticator
dot1x guest-vlan 900
Note: Whenever i issue the command "port-control auto" the line protocol of the port goes down.
5. in end machine disable ieee 802.1x authentication.
I will try this setting tomorrow & update you accordingly.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: