Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

802.1x: MAC Authentication Bypass

Hey sorry for keeping bugging you guys...

So I am configuring this Bypass thing on my 3750 switch. It works fine. It seems the switch will send a access request to the radius server (I use FreeRadius) with the username/password both as the MAC address of the deivce.

However my dilema is that I have 200+ these devices. I can easily create a user group with MAC starting with 00a008 (which are the first 3 octets of the MAC addresses), however it's impossible to include each of the MAC address as the password!

So my question is that whether there is a way to configure the switch use a static string as the password for all the devices using MAC Authentication Bypass?

Thank you!!

Difan

2 REPLIES
Cisco Employee

Re: 802.1x: MAC Authentication Bypass

Difan:

I went through your post  and understand that you are in a process of configuring 802.1x with MAB in such way so that you use custom password (except Mac address) for all users OR shared password string that should be sent by the switch but this is not possible.

Reason: Switch only send the device Mac address as the username and password. The user name should be the mac address of the client and the password should be same as username and this can't be change on cisco switches.


I have also attached a document regarding MAB for your better understanding.


This forum is only for you guys...keep bugging us


HTH

JK


Pls rate helpful posts-

~BR Jatin Katyal **Do rate helpful posts**
New Member

Re: 802.1x: MAC Authentication Bypass

Hey JK, thank you very much for breaking my hope so straight forward lol

I guess I need to find a way to do it on my radius server then...\

3513
Views
9
Helpful
2
Replies
CreatePlease to create content