Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1083
Views
2
Helpful
2
Replies

enabling 802.1x and MAC Authentication Bypass on ACS 4.2

alexals
Level 1
Level 1

‎05-22-2008 12:15 AM - edited ‎03-10-2019 03:51 PM

Hi experts,

I have a few questions regarding 802.1x & MAC Authentication Bypass configured on ACS 4.2.

i. Is it possible to configure MAC authentication + 802.1x on ACS 4.2 at the same time? Here is the scenario;

Our company would like to enforce 'double authentication' on each staff machine (include those personal laptop/notebook). Each time the staff plugged into company's network, they will need to supply username & password in order to get access. After that, the ACS server will also check whether the user's MAC address is valid by checking against its own database. This MAC address is tied to the staff's user profile in ACS. If the login information supplied by the staff is valid but the MAC address of their machine is not match in ACS database, then the staff will not be able to gain access unless after notifying the administrator about it.

ii. If it is possible, any reference that I can check on how to configure this?

The reason why I need MAC authentication + 802.1x to be configured at ACS as most of our switches are not cisco based and only capable to support 802.1x.

Hope anyone here could help me on this.

Thanks very much,

Daniel

Labels:
0 Helpful
2 Replies 2

jafrazie
Cisco Employee
Cisco Employee

‎05-22-2008 06:30 AM

With ACS, you can setup NARs (or Network Access Restrictions) to permit/deny access based on IP/non-IP based filters (like MAC Addresses).

Specific info is here:

<http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_user_guide_chapter09186a008018494f.html#313>

Hope this helps,

alexals
Level 1
Level 1
In response to jafrazie

‎05-22-2008 10:55 PM

Sorry, the link is not valid. Can you give me other related link?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents