802.1x dynamic vlan assignment based on MAC?

Answered Question
Jul 27th, 2010

Hello,

I am using Catalyst3750 and Widows AD Authentication.

Our customers' pc is runnnig Windows (isn't 802.1x capable) that is connected to the catalyst switch.

Is it possible to dynamic assign a Vlan based on MAC?

When possible, we want to make it without using VMPS.

and, is there any document relating to the above.

Thanks a lot for you help.

Tomoyuki

I have this problem too.
0 votes

Hello Tomoyuki,

which Radius Server are you using to authenticate your Clients?

For the Secure ACS you can configure a feature called "MAC-Authentication-Bypass" which fullfils your requirements.

This Feature must be configured on the Switch and on the Radius Server (which does the vlan assigment based on the MAC-Address of the Client)

An Overwiew of this feature can be found here:

http://www.cisco.com/univercd/cc/td/doc/solution/macauthb.pdf

I hope this helps,

Kind regards,

Chris

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer

Hello Tomoyuki,

which Radius Server are you using to authenticate your Clients?

For the Secure ACS you can configure a feature called "MAC-Authentication-Bypass" which fullfils your requirements.

This Feature must be configured on the Switch and on the Radius Server (which does the vlan assigment based on the MAC-Address of the Client)

An Overwiew of this feature can be found here:

http://www.cisco.com/univercd/cc/td/doc/solution/macauthb.pdf

I hope this helps,

Kind regards,

Chris

t-yamashita Thu, 07/29/2010 - 17:15

Hello Chris,

I'm using radius that secure ACS server.

Thanks a lot  for your help.

I appreciate it.

Tomoyuki

Actions

This Discussion