802.1x dynamic vlan assignment based on MAC?

Answered Question
Jul 27th, 2010
User Badges:
  • Gold, 750 points or more

Hello,


I am using Catalyst3750 and Widows AD Authentication.


Our customers' pc is runnnig Windows (isn't 802.1x capable) that is connected to the catalyst switch.


Is it possible to dynamic assign a Vlan based on MAC?


When possible, we want to make it without using VMPS.


and, is there any document relating to the above.


Thanks a lot for you help.


Tomoyuki

Hello Tomoyuki,


which Radius Server are you using to authenticate your Clients?


For the Secure ACS you can configure a feature called "MAC-Authentication-Bypass" which fullfils your requirements.


This Feature must be configured on the Switch and on the Radius Server (which does the vlan assigment based on the MAC-Address of the Client)


An Overwiew of this feature can be found here:


http://www.cisco.com/univercd/cc/td/doc/solution/macauthb.pdf


I hope this helps,


Kind regards,

Chris

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer

Hello Tomoyuki,


which Radius Server are you using to authenticate your Clients?


For the Secure ACS you can configure a feature called "MAC-Authentication-Bypass" which fullfils your requirements.


This Feature must be configured on the Switch and on the Radius Server (which does the vlan assigment based on the MAC-Address of the Client)


An Overwiew of this feature can be found here:


http://www.cisco.com/univercd/cc/td/doc/solution/macauthb.pdf


I hope this helps,


Kind regards,

Chris

t-yamashita Thu, 07/29/2010 - 17:15
User Badges:
  • Gold, 750 points or more

Hello Chris,


I'm using radius that secure ACS server.


Thanks a lot  for your help.


I appreciate it.


Tomoyuki

Actions

This Discussion