Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

MAC Authentication on Catalyst 3550/2950

Hi

I have a requirement similar to the way APs use MAC authentication on the ACS/RADIUS box. I want the switch to authenticate a "sensed" MAC address on a switchport using RADIUS. I assume that on RADIUS you'd have a list of MAC-Address "users" and when the switch queries the ACS for authenication it returns a success or failure.

.

Also, if this configurable, what happens to the port if the authentication fails (invlaid/unknown MAC). Does is shutdown for a period of time

.

Am I touching on a feature of Port Security here? I assumed port security only allowed local MAC address tables for that switch....ideally, I'd like the MACs on the ACS server as users where it is a lot easier to manage

Any suggestions on how I can get this working ?

Regards

Nathan

2 REPLIES
New Member

Re: MAC Authentication on Catalyst 3550/2950

This can be handled with port security/802.1x.

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12119ea1/2950scg/sw8021x.htm#1063385

The action taken in the event of a violation (failed authentication) is configurable.

New Member

Re: MAC Authentication on Catalyst 3550/2950

I have the same requirement. We want to use ACS for MAC authentication.

Sean, your solution still requires the MAC to be on the switch locally instead of ACS, since it is still port security.

regards

180
Views
0
Helpful
2
Replies
CreatePlease to create content