
VMPS in large LANs

cpabst
Level 1

I have a customer request to enable VMPS on his MAN with more than 300 switches (> 10000 Ports).

Does anybody have experience with VMPS in large LANs?

9 Replies

owillins
Level 6

10000 ports should not be a problem. We've worked with more than 80000 nodes using the VMPS database on the Cat 6500.

Did you use a 3rd party vmps product? Just curious.. Administering 80K nodes (or even 10K) by manually editing a flat file seems like a lot of overhead! I know that SourceForge has an open source implementation, but have never checked it out..

No, I never used a 3rd party tool, but I wrote a web interface with an interface to our hardware inventory database. The VMPS database is created automatically every night and I can add "guest accounts" very easily...

The biggest problem I have is that we have a lot of subnets with different VLAN names. So I need one VMPS server for each client subnet (approx. 40).

All our switches are running Cisco IOS. This means I have to buy 40 2948-G, for example, which can act as a VMPS server.

To use a third party application seems to be the best solution but I think Cisco does not support that...

Were you using a 6500 with a set based IOS or Native IOS? We are trying to find a switch other than the 5000 that will be the VMPS server and the 6509 with set based IOS will work but ours is Native IOS and we would rather not switch.

Kelvin

There aren't any IOS switches that support VMPS Server functionality. Only the 4000/5000/6000 series with CatOS support it. Whenever the "When will IOS support VMPS Server functionality?" question is asked, the Cisco response has been that there are "no plans" to do this, which is unfortunate.

You could use URT - User Registration Tool. This is the VMPS component running on a PC, albeit a Cisco Network Device (PC in a Blue Box with Cisco stamped on it....). It offers a bit more than VMPS as it allows User Identification and integration with various User Databases (NT/Active Directory, NDS, LDAP etc).

My personal choice would be to not bother - dynamic or any spanning VLANs make me cringe. Why do you need dynamic VLANs - will port security not give you enough?

Andy

In general, the more hosts there are, the less practical port security is. VMPS prevents one from having to make manual configuration changes on one or more switches whenever a host moves.

We need dynamic ports because we have a lot of mobile users and they don't use the same switchport every time...

If I use UT, it must be VERY STABLE software, but I have not had the best experience with other Cisco software such as CiscoWorks or CiscoACS...

Does UT allow implementing conditions?

For example:

MAC A => VLAN 100 IF SWITCHIP = 9.9.9.1

MAC A => VLAN 120 IF SWITCHIP = 9.9.8.10

... or ...

USER XY => VLAN 100 IF SWITCHIP = 9.9.9.1

USER XY => VLAN 120 IF SWITCHIP = 9.9.8.10

All our Switches are running Native IOS (6509,3500,2900,...).

You can use a 2948-G (Cat4000 Sup); this is the smallest VMPS server I know...