Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.


mac-auth-bypass on 2940's but not 2950's ???

It appears that mac-auth-bypass was added in 12.1_22_ea9. But apparently only to 2940's?

Can anyone confirm this is not available in 2950's? And if so, why not?


Re: mac-auth-bypass on 2940's but not 2950's ???

Could it be just becuase they want you to upgrade to 2960's?

Re: mac-auth-bypass on 2940's but not 2950's ???

The release notes for 12.1(22)EA10 for the 2940, 2950 & 2955 have quite a bit on 802.1x MAC Authentication Bypass. I have a 2950-12T that runs the EI feature set that has 12.1(22)EA10a and I can confirm that 'dot1x mac-auth-bypass' is NOT available:

cat-2950(config-if)#dot1x ?

auth-fail----------Configure Authentication Fail values for this port

control-direction--set the control-direction value

default------------Configure Dot1x with default values for this port

guest-vlan---------Configure Guest-vlan on this interface

host-mode----------Set the Host mode for 802.1x on this interface

max-reauth-req-----Max No. of Retries to supplicant

max-req------------Max No. of Retries to Radius

port-control-------set the port-control value

reauthentication---Enable or Disable Reauthentication for this port

timeout------------Various Timeouts


In the release note it also states this isn't available on 2940 & 2950's (so I assume only 2955s?):




Re: mac-auth-bypass on 2940's but not 2950's ???

It's kinda funny how the notes for EA10 say

"Although the IEEE 802.1x inaccessible authentication bypass feature is mentioned in the Catalyst 2940 Switch Software Configuration Guide and the Catalyst 2950 Switch Software Configuration Guide, Catalyst 2950 and 2940 switches do not support this feature"

but the notes for EA9 say...

"These are the new software features in this release:

•Support for MAC authentication bypass to authorize clients based on the client MAC address (Catalyst 2940 switches)"