Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1910
Views
0
Helpful
6
Replies

Apple wired Dot1X - on Cisco 2950 switches

Go to solution
Tim Lewis
Level 1
Level 1

‎06-25-2013 06:59 AM - edited ‎03-10-2019 08:35 PM

Hi, I have an issue with Apple desktop computers running 10.7 and 10.8 MacOS.

The problem is that we have only 2950 switches and we are very limited with what we can do on them, so we wanted basic DOT1X user authentication and VLAN placement. Those two are working great, except when user logs off, Mac stops sending DOT1X and port becomes unauthenticated. We alleviated that issue by using guest-vlan for failed dot1x authentications, but now we have a problem that once user logs in, there is no session change on 2950 and it doesn’t even try to authenticate user until we bounce the port.

Is there any way to fix this, on Cisco switch or Mac computer? One of the things that crossed my mind is bouncing port on Mac PC using some kind of logon script?

Has anyone else had this issue and was able to solve it?

Thanks.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Ravi Singh
Level 7
Level 7

‎06-25-2013 08:30 AM

Hello Align,

Cisco 2950 switch with 12.1(9) supports 802.1 x authentications. As you are saying that you already configured 802.1x authentication and its working fine. I think there is problem with your MAC OS configuration. Please follow the below link to configure 802.1x on Apple.

http://support.apple.com/kb/ht3326

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame

‎06-25-2013 07:34 AM

I believe 2950 does not support 802.1x.

The cheapest switch that will support 802.1x is the 2960-series of switches.

0 Helpful

Go to solution
Ravi Singh
Level 7
Level 7

‎06-25-2013 08:30 AM

Hello Align,

Cisco 2950 switch with 12.1(9) supports 802.1 x authentications. As you are saying that you already configured 802.1x authentication and its working fine. I think there is problem with your MAC OS configuration. Please follow the below link to configure 802.1x on Apple.

http://support.apple.com/kb/ht3326

0 Helpful

Go to solution
myanuary
Level 1
Level 1
In response to Ravi Singh

‎06-26-2013 12:52 AM

Is 2950 really support 802.1x ? as far i know start on 2960, 802.1x is supported, just like Leo said....

0 Helpful

Go to solution
Ravi Singh
Level 7
Level 7
In response to myanuary

‎06-26-2013 01:00 AM

Yes it is. Just see the below link for configuration 802.1x authentication on Cisco 2950 switch.

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_9_ea1/configuration/guide/Sw8021x.html

0 Helpful

Go to solution
myanuary
Level 1
Level 1
In response to Ravi Singh

‎07-05-2013 12:36 AM

but it looks like doesn't support CoA...

0 Helpful

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame
In response to myanuary

‎07-05-2013 03:29 AM

This is one of the main reason why we didn't use 2940/2950/2955 or 3550 for 802.1x.

0 Helpful
Customers Also Viewed These Support Documents