MAC Authentication Bypass on Catalyst 2950 supported?

cisco

    Sponsored Links

    Next

  • 1. valid router configuration
    Could someone tell me if this router configuration is correct focusing on syntax and correct router mode for each command. Router> enable Router# config t Router(config)# Hostname Lab_A Router(config)# enable password cisco Router(config)# enable secret class router(config)# line console 0 router(config-line)# login router(config-line)# password cisco router(config)# line auxillary 0 router(config-line)# login router(config-line)# password cisco router(config)# line vty 0 4 router(config-line)# login router(config-line)# password cisco router(config)# router rip Router(config-router)# network 192.5.5.0 Router(config-router)# network 205.7.5.0 Router(config-router)# network 201.100.11.0 Router(config-router)# interface e1 Router(config-if)# ip address 205.7.5.1 255.255.255.0 Router(config-if)# no shut Router(config-router)# interface e0 Router(config-if)# ip address 192.5.5.1 255.255.255.0 Router(config-if)# no shut Router(config-router)# interface s0 Router(config-if)# ip address 201.100.11.1 255.255.255.0 Router(config-if)# clock rate 9600 Router(config-if)# no shut On different router: Router(config)# ip host Lab_A 192.5.5.1 255.255.255.0 Router(config)# ip host Lab_A 205.7.5.1 255.255.255.0 Router(config)# ip host Lab_A 201.100.11.1 255.255.255.0
  • 2. IP and ARP
    Hi there, I am using an unused IP address(when I ping it it does not reply) to a windows machine and I am getting a message "System has detected a duplicate IP on the network, the interface has been disabled". I am pinging a few unused IPs in a row, then do a arp -a from another machine and I notice all unused IPs I ping seem to show same MAC address(the one on the machine above). Are there any tools to map MAC addresses to IPs? What should I do? Thanks a lot, Calin
  • 3. Routing a second subnet down a VPN
    We have a VPN up between 2 end points and need to route a second subnet. Do I need to run some routing protocol down the VPN to send a second subnet the right way ? Gary
  • 4. Is Flash Flash?
    Will a Catalyst 6000 series Flash card (MEM-C6K-FLC24M) work in a 3660 router? Ive got a 3660 with 16MB onboard Flash and need to upgrade the IOS which is about 18MB. Ideally I'd like to load the new IOS on a PCMCIA Flash card. I have a chance to buy a 24MB Catalyst flash card but am not sure if it will work in the 3660. Thanks!

MAC Authentication Bypass on Catalyst 2950 supported?

Postby Daniel Alex » Fri, 16 May 2008 12:41:13 GMT

Hi all,

Which IOS release that supports MAC Authentication Bypass (MAB) for Catalyst 
2950 switch? Currently I have 12.1-22 EA8a version and I would like to use 
this feature.

Thanks very much.

Regards,

Daniel 


Similar Threads:

1.Problems with Catalyst 2950 and Mac OS X 10.4 Systems

Hello,

since we have replaced our Catalyst 2924XL switches with Catalyst 2950 
we get more and more problems with Apple Macintosh OS X 10.4 Systems 
with G5 processors.
The systems get their static IP addresses from two SuSE Linux 
DHCP-Servers. In our campus-LAN 76 VLANs are configured.

Normally everything works well, but sometimes some Mac OS X 10.4 systems 
lose suddenly their server mounts.
Sometimes other Mac OS X 10.4 systems dont get an IP address while 
booting. After a reboot it works regularly.
Deactivating the port-security doesnt help.
"Spanningtree portfast" and "switchport nonegotiate" is configured on 
the switchport.

Has anyone a hint on this problem?
Thanks in advance!
Kai Matthies

----
Our configuration:

CatXX#sh vers
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA1b, RELEASE 
SOFTWARE (fc1)
Copyright (c) 1986-2004 by cisco Systems, Inc.
Compiled Tue 24-Aug-04 00:12 by yenanh
Image text-base: 0x80010000, data-base: 0x8055C000

ROM: Bootstrap program is C2950 boot loader

Cat76 uptime is 47 weeks, 6 days, 7 hours, 32 minutes
System returned to ROM by power-on
System restarted at 15:05:25 MESZ Tue Jun 14 2005
System image file is "flash:/c2950-i6q4l2-mz.121-22.EA1b.bin"

cisco WS-C2950G-48-EI (RC32300) processor (revision Q0) with 20873K 
bytes of memory.
Processor board ID XXXXX
Last reset from system-reset
Running Enhanced Image
48 FastEthernet/IEEE 802.3 interface(s)
2 Gigabit Ethernet/IEEE 802.3 interface(s)

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: xx:xx:xx:xx:xx:xx
Motherboard assembly number: 73-7409-12
Power supply part number: 34-0965-01
Motherboard serial number: XXXXX
Power supply serial number: XXXXX
Model revision number: Q0
Motherboard revision number: A0
Model number: WS-C2950G-48-EI
System serial number: XXXXXX
Configuration register is 0xF

CatXX#sh run int fast 0/22
interface FastEthernet0/22
  description XXX
  switchport access vlan 721
  switchport mode access
  switchport nonegotiate
  switchport port-security
  switchport port-security mac-address sticky
  switchport port-security mac-address sticky 0000.1111.2222
  no snmp trap link-status
  no cdp enable
  spanning-tree portfast
end

CatXX#sh int fast 0/22
FastEthernet0/22 is down, line protocol is down (notconnect)
   Hardware is Fast Ethernet, address is 0013.1953.xxxx (bia 0013.1953.xxxx)
   Description: XXX
   MTU 1500 bytes, BW 100000 Kbit, DLY 1000 usec,
      reliability 255/255, txload 1/255, rxload 1/255
   Encapsulation ARPA, loopback not set
   Keepalive set (10 sec)
   Auto-duplex, Auto-speed, media type is 100BaseTX
   input flow-control is unsupported output flow-control is unsupported
   ARP type: ARPA, ARP Timeout 04:00:00
   Last input 29w0d, output 01:18:10, output hang never
   Last clearing of "show interface" counters 3d12h
   Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
   Queueing strategy: fifo
   Output queue: 0/40 (size/max)
   5 minute input rate 0 bits/sec, 0 packets/sec
   5 minute output rate 0 bits/sec, 0 packets/sec
      276641 packets input, 102028305 bytes, 0 no buffer
      Received 1969 broadcasts (0 multicast)
      0 runts, 0 giants, 0 throttles
      0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
      0 watchdog, 1189 multicast, 0 pause input
      0 input packets with dribble condition detected
      797521 packets output, 121800493 bytes, 0 underruns
      0 output errors, 0 collisions, 0 interface resets
      0 babbles, 0 late collision, 0 deferred
      0 lost carrier, 0 no carrier, 0 PAUSE output
      0 output buffer failures, 0 output buffers swapped out

CatXX#sh int fast 0/22 switchport
Name: Fa0/22
Switchport: Enabled
Administrative Mode: static access
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: Off
Access Mode VLAN: 721 (XXX)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none

2.anyone know about: vlan trunking with catalyst 1900 to any other ios device (catalyst 2950)

3.anyone know about: vlan trunking with catalyst 1900 to any other ios device (catalyst 2950)

4.Settinup 802.ix authentication with cisco 2950 and Micorsoft IAS

I have a project to stop rogue users form pluging onto my network. I
have seen where cisco switches can do port authentication with a radius
server. I would like to setup and IAS server on win2k3 as my radius
server. Can anyone provide me with configuration guides to configure
the switch as well as the IAS server? I would really appreciate the
assistance.

PWM

5.Debug mac access-list extended 2950

Is there a way to debug extended mac access-lists?  I have not found
anything on the Cisco Web Sit or in my switch doc.

My layer2 acl is blocking everything and I do not have any way of
seeing what is happening.  show access-list does not provide a count of
deny frames.  All the debug commands I looked at are for layer3&4
ACL's.

Any suggestions would be appreciated.

6. 2950 switch - max mac-add table size?

7. Port-security mac address on 2950

8. 2950 empty mac address table



Return to cisco

 

Who is online

Users browsing this forum: No registered users and 99 guest