Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1184
Views
0
Helpful
1
Replies

solution for network device authentication - ACS?

brandonabrown
Level 1
Level 1

‎03-04-2013 09:59 AM - edited ‎02-21-2020 10:28 AM

hi everyone --

I'm looking to introduce basic network device authentication into my network of about 650 users. I'm looking for the easiest and least impactful method on the end user.

My thought would be to base this on the MAC address and not user authentication. Should this be able to be done through basic port-security on my switches or should I look at ACS?

*the main impetus for this is to deny access to any unauthorized wired device on the LAN.

Thanks.

Brandon

Labels:
0 Helpful
1 Reply 1

stojanr
Level 1
Level 1

‎03-09-2013 03:03 PM

If your users remain connected to the same ports on switches, and don't move to different ports, you could use port security with sticky mac learning to automatically assign appropriate allowed mac addresses to switch ports. If on the other hand you don't know to which port the users will connect, you'll have to use ACS or ISE with MAB to authenticate access.

Sent from Cisco Technical Support iPad App

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents