Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

MAC address and VLAN assignement

Is there a way to control what VLAN a user is placed in based on their MAC address? There is VMPS but it requires a Catalyst 5000 as a VMPS server, but we don't have a Cat. 5000.

Thanks.

5 REPLIES
New Member

Re: MAC address and VLAN assignement

As far as i know, Nortel 8600 series passport switches support mac_address based Vlans, i am not sure if Cisco have such switches.

Re: MAC address and VLAN assignement

Hi,

AFAIK, you can use any Cisco CatOS switch (Cat4000,5000,6000) as a VMPS server.

See http://www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/8_2/confg/vmps.htm#35409

Regards,

Milan

New Member

Re: MAC address and VLAN assignement

You can use another Catalyst box to run as a vmps server. But on a 6500 as we found out you can only run the vmps server with it running in hybrid mode. If your running straight IOS on it, you won't be able to do it. There are several solutions, I believe Cisco now has a seperate box which will run VMPS under an NT/2K platform (can't think of the name of this box off the top of my head). Or there are several opensource solutions that you can run on any linux/unix box. I've heard of some success with these:

http://sourceforge.net/projects/vmps/

http://sourceforge.net/projects/vmps-srv/

We have a custom built java app that runs on a solaris box that we register MAC's with. It will then create DHCP records (we hand out static IP's via DHCP), unix host files, DNS, reverse DNS, and vmps files. We push this info out every 15minutes and our 6500's redownload the vmps file via tftp and all switches are set to reconfirm every 15minutes. Works great except on our old 1900EN's (which the majority of our switches are). We found they don't always reconfirm like they are suppose to(you can't specify a reconfirm interval on them). We have a telnet script we wrote to telnet to all 1900EN's and reconfirm them manually every 30 to 45 minutes. --greg

Bronze

Re: MAC address and VLAN assignement

This can also be accomplished on Cisco devices with 802.1x, but VMPS tends to be easier.

New Member

Re: MAC address and VLAN assignement

Can VMPS and 802.1x run in the same switch? I'm planning to implement 802.1x but there are some devices in the network that don't support it and they tend to move from time to time. I'm planning to use VMPS for them instead of static port security.

Thanks,

Fernando

191
Views
0
Helpful
5
Replies
CreatePlease login to create content