Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

MAC authentication failed for Wired Users


I tried to configure MAC authentication for registed users by ACS. But failed. Need help.

Cisco Employee

Re: MAC authentication failed for Wired Users

If you want to authenticate via the devices MAC address, then you need to disable 802.1X on the PC (which you have enabled for 802.1X with EAP-MD5 as the selected method).

Depends on what you need to achieve,

Hope this helps,

Community Member

Re: MAC authentication failed for Wired Users

ok ok..i got ur point....please correct me the config steps:

1. Added switch as aaa client into acs

2. entered machine mac address into acs user-setup as both usename & password.

3. in 64,65 & 81 (in bother group & user setup) choosed 64=vlan; 65=802; 81=authenticated_vlan_id

4. in switch

aaa new-model

aaa authentication dot1x default group radius

radius-server host acs_ip auth-port 1645 acct-port 1646 key ****

dot1x system-auth-control

int fa0/1

switchport mode access

dot1x mac-auth-bypass

dot1x port-control auto

dot1x reauthentication

dot1x pae authenticator

dot1x guest-vlan 900

Note: Whenever i issue the command "port-control auto" the line protocol of the port goes down.

5. in end machine disable ieee 802.1x authentication.

I will try this setting tomorrow & update you accordingly.

CreatePlease to create content