cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
756
Views
10
Helpful
5
Replies
alexwoodmansey
Beginner

dynamic VLAN assignment based on Subnet

Hi

I'm trying to work out the best way to dynamically assign a port based access vlans to equipment connected to a single Catalyst 9300 stack ideally without setting up 802.1x Port-Based Authentication. The end points and bits of field equipment that regularly get shifted around and are not pc's and use statically assigned IP addresses. I could also achieve the same thing using MAC addresses too if that would be easier. I've thoroughly read through the documentation relating to Vlans, Private vlans and VTP but i suspect there is a different more creative way to do this that i haven't realise yet. 

 

Any help appreciated. 

Alex 

5 REPLIES 5
Francesco Molino
VIP Mentor

Hi

There used to be a feature called vmps but doesn't exist anymore on new catalyst product families (like 9300). Goal was to have 1 switch as vmps server and all others as clients. You had to import a file which was based on mac address.
This brings me to the idea that the only proper and simple way (without 802.1x) i can think about is to leverage guestshell on ios-xe to run a Python script running and configuring ports with the correct vlan using a database with mac addresses and vlans (SQLite for example).

Obviously the best way to achieve this these days is deploying dot1x that'll also offers security.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Hi Francesco

 

thanks for the answer, and that makes sense, unfortunately it would be quite a tricky system to maintain in this environment that i'm deploying this in. It seems odd to me that this is something that is quite trivial to achieve with with a SG350 series switch but seemingly impossible with the a catalyst 9300, although, of course very different market segments and requirements i guess. 

thanks again. 

You can also look at device profile and auto smart port.

Here one of the multiple docs:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/XE3-6-0E/15-22E/configuration/guide/xe-360-config/automacr.pdf#page6

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Ah great, thanks. I think the best way forward for me is going to be to try write a Auto Smartport user-defined macro and use a OUI range as a an event trigger for it (as all the equipment i am trying to Vlan is all from 1 manufacturer). I'm pretty sure that should do what i need, i just need to try figure out how to write the macro....

 

Thanks, Alex

Ok you're welcome.

Let me know how it goes

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question