802.1x an mac-address bypass from remote

Unanswered Question
Nov 27th, 2009
User Badges:


just configuring a CISCO1812 for a remote location. Connect to the central location is via VPN-Tunnel LAN-to-LAN terminated by a Concentrator. This works very well. Clients with personal computers connected to the switch-ports of the router are authenticated with 802.1x and PEAP using an ACS-Server.

Now I'm looking for the best solution to connect non-802.1x clients (Printer etc.).

I've read tons of documents, some of them stating, the ACS should contain a user with mac-address of the non-802.1x client. But I never see a packet arriving on the ACS-Server form this clients. Debug on the router shows that dot1.x is waiting for EAPOL messages from the client.

What is wrong?

Is this not supported by CISOC1812?

I found a whitepaper for CISCO871 which describes this feature: http://www.cisco.com/en/US/technologies/tk583/tk372/technologies_white_paper09186a00801fdef9.html

Has anybody a working solution for this. Should not be that unusual.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion