Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1440
Views
0
Helpful
1
Replies

dot1x Port Based Authentication, MAC bypass, FreeRadius

ma.cerqui
Level 1
Level 1

‎09-26-2004 11:22 PM - edited ‎03-10-2019 01:49 PM

Hello

I'm trying to do the following setup:

______________ _______________ ____________

| WinXP Client |---| Catalyst 2950 |---| FreeRadius |

-------------- --------------- ------------

1. Client starts up and wants to authenticate with his MAC address.

2. Catalyst sends the MAC address of the client to the FreeRadius server.

3. The server looks it up and replays the accept or deny to the Catalyst and tells him the VLAN of the client.

4. Catalyst puts the port to the authorized state and assigns the VLAN.

I got this setup to work, but only with username/password authentication. As don't want the client/user to do any thing, I would prefer MAC authentication. Is this possible? How do I have to setup up the Calatlyst and the Radius server?

Thanks

Marco

Labels:
0 Helpful
1 Reply 1

localhorscht
Level 1
Level 1

‎03-08-2005 06:18 AM

I think it is not possible. You have to use username/password. To use MAC for VLAN assignment tries VMPS with a Switch as VMPS server or OpenVMPS as VMPS Server.

See http://www.cisco.com/en/US/products/hw/switches/ps628/products_configuration_guide_chapter09186a00802c305f.html#wp1375288

Can you send me your freeradius and switch sonfig because I don't get it to run with freeradius?

0 Helpful
Customers Also Viewed These Support Documents