cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

220
Views
0
Helpful
3
Replies
Highlighted
Beginner

Mac Address Bypass on Cisco Nexus N9K-C93180YC-EX

I planned to deploy Cisco ISE as 802.1X and MAB authentication server in our environment. We have two units of Cisco N9K-C93180YC-EX version 9.2.2 running as server Switches. We would like to configure MAC Address Bypass authentication on connect to Server which running as Trunk and vPC. I'm not sure whether MAC Address Bypass does support on Nexus Trunk and vPC or not. Does anyone have experienced with that?

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Contributor

Re: Mac Address Bypass on Cisco Nexus N9K-C93180YC-EX

From the link below:

Note

Dot1x supports static port-channels.


Note

You must disable 802.1X on FEX and VPC ports, and the unsupported features.

 

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/security/configuration/guide/b_Cisco_Nexus_9000_Series_NX-OS_Security_Configuration_Guide_7x/b_Cisco_Nexus_9000_Series_NX-OS_Security_Configuration_Guide_7x_chapter_011001.htm...

 

Tells me what you want to do is unsupported with VPC, but will work if it's just a static trunk.

View solution in original post

3 REPLIES 3
Highlighted
Contributor

Re: Mac Address Bypass on Cisco Nexus N9K-C93180YC-EX

From the link below:

Note

Dot1x supports static port-channels.


Note

You must disable 802.1X on FEX and VPC ports, and the unsupported features.

 

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/security/configuration/guide/b_Cisco_Nexus_9000_Series_NX-OS_Security_Configuration_Guide_7x/b_Cisco_Nexus_9000_Series_NX-OS_Security_Configuration_Guide_7x_chapter_011001.htm...

 

Tells me what you want to do is unsupported with VPC, but will work if it's just a static trunk.

View solution in original post

Highlighted
Beginner

Re: Mac Address Bypass on Cisco Nexus N9K-C93180YC-EX

Thank Gbekmazi.

 So it's not support even we configure it on the physical ports(member of the vPC)?

Highlighted
Beginner

Re: Mac Address Bypass on Cisco Nexus N9K-C93180YC-EX


@gbekmezi-DD wrote:

From the link below:

Note

Dot1x supports static port-channels.


Note

You must disable 802.1X on FEX and VPC ports, and the unsupported features.

 

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/security/configuration/guide/b_Cisco_Nexus_9000_Series_NX-OS_Security_Configuration_Guide_7x/b_Cisco_Nexus_9000_Series_NX-OS_Security_Configuration_Guide_7x_chapter_011001.htm...

 

Tells me what you want to do is unsupported with VPC, but will work if it's just a static trunk.



Thank Gbekmezi.

 So it's not support even we configure it on the physical ports(member of the vPC)?