Authentication MAC using ACS

Unanswered Question
Nov 23rd, 2008
User Badges:


I need some help to implement authentication of device's MAC Address (PC, laptop, IP Phone, printer) using ACS.

My goal is to create VMPS like, but using ACS as authenticator of any devices connect to the network.

Just connect devices to the network, and based on MAC address ACS define the proper VLAN.

I'm using ACS for Windows v4.1 and catalyst 2950(WS-2950T-24) 12.1-22 EA12.

thanks for any respond.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
huangedmc Tue, 11/25/2008 - 15:34
User Badges:

You may want to consult a 802.1x guide...

We use ACS to authenticate wireless users through MAC method.

I guess same principle applies.

What you do is create internal ACS user accounts using the MAC address as username AND password.

For some reason our deployment only works w/ lower case letters and not capital ones.

ariantow123 Tue, 11/25/2008 - 20:28
User Badges:


Yes you're correct.

I have read this (dot1x) article too.

For development and test I used wired PC. And it seem doesn't support for dot1x.

Another solution using MAB, but the switch doesn't support for the command ..



huangedmc Wed, 11/26/2008 - 06:18
User Badges:

We don't do wired dot1x, but for our WLAN, one thing our techs overlook is in the Authentication tab of the LAN properties window, they forgot to check "Enable dot1x", and/or define the EAP type correctly. (PEAP in our case)


This Discussion