MAC Authentication Bypass on Catalyst 2950 supported?

Programming and Web Development Forums - cisco - Info on Cisco routers and bridges.

Skip to content

MAC Authentication Bypass on Catalyst 2950 supported?

cisco
Post a reply

    Sponsored Links

    Next

  • 1. PIX 515E - how many remote connections possible?
    Greetings, On the PIX 515e I have configured several "vpdn" users to allow senior people to get remote access to our network. I am wondering how many simultaneous VNP users that PIX may support. I want to add 5 more VNP user accounts. I know this may be a 2 part question - one how many the PIX can do at one time, and what our bandwidth can support. We use W2K clients, not using any special Cisco or other client VPN software. Thanks. Currently have dsl at 768K. Bill
  • 2. MRTG servers
    Hi, Thank you all experts very much for answering my previous questions. This time I would like to query about the Alert signal. I am using MRTG to monitor the Cisco Routers, Switches, W2K3 Servers and Exchange2003. I want to set up some alerts levels on the devices: 1. a baseline for Router and Switches, so that whenever no traffic for 5mins, a Alert Email will send to me via Email System; 2. Whenever the Bandwidths loading excceeding a certain values, a alert signal is sent out. 3. A baseline for Network devices and Servers CPU ( I shall set up 1 min interval monitoring ), whenever a CPU, RAM and Harddisk capacities loading excceeds the threshold values, a alert Email will send to me via Email System. 4. A threshold value for Exchange server( say Email Transfer rate ), whenever the value is excceeded, a alert signal is sent. How can I achieve the above requirements. Thank you
  • 3. L2TP from MAX to Cisco
    Hi, I'm trying to configure a Max2000 access router to forward all incoming connections to a Cisco router via L2TP ... the connection itself seems to be forwarded (i.e., Cisco debug shows an L2TP tunnel being opened), but I don't get any auth requests from either the Max or the Cisco router ... Has anybody been messing around with a similar config? Help appreciated, -garry
  • 4. Callmanager Routing Issues
    I have a Cisco CallManager in a mixed environment with a Nortel PBX. I am starting to take individual extensions(for test purposes) and rout them to the CallManager. This way when I start to roll it out company wide people do not have to change their phone numbers. Here is my problem. When I put my old extension on my IP phone this is what happens.  I can call out to IP Phones, PBX phones and the outside world  The outside world cannot call me  PBX phones cannot call me  IP phones on my network can call me. I have looked and I am unable to find the problem. My PBX person assures me it has been routed properly to the CallManager. I am sort of new but if the extension has been associated to my IP phone it should work, I think, Any thoughts.

MAC Authentication Bypass on Catalyst 2950 supported?

Postby Daniel Alex » Fri, 16 May 2008 12:41:13 GMT 

Hi all,

Which IOS release that supports MAC Authentication Bypass (MAB) for Catalyst 
2950 switch? Currently I have 12.1-22 EA8a version and I would like to use 
this feature.

Thanks very much.

Regards,

Daniel
Top

Similar Threads:

1.Problems with Catalyst 2950 and Mac OS X 10.4 Systems 

Hello,

since we have replaced our Catalyst 2924XL switches with Catalyst 2950 
we get more and more problems with Apple Macintosh OS X 10.4 Systems 
with G5 processors.
The systems get their static IP addresses from two SuSE Linux 
DHCP-Servers. In our campus-LAN 76 VLANs are configured.

Normally everything works well, but sometimes some Mac OS X 10.4 systems 
lose suddenly their server mounts.
Sometimes other Mac OS X 10.4 systems dont get an IP address while 
booting. After a reboot it works regularly.
Deactivating the port-security doesnt help.
"Spanningtree portfast" and "switchport nonegotiate" is configured on 
the switchport.

Has anyone a hint on this problem?
Thanks in advance!
Kai Matthies

----
Our configuration:

CatXX#sh vers
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA1b, RELEASE 
SOFTWARE (fc1)
Copyright (c) 1986-2004 by cisco Systems, Inc.
Compiled Tue 24-Aug-04 00:12 by yenanh
Image text-base: 0x80010000, data-base: 0x8055C000

ROM: Bootstrap program is C2950 boot loader

Cat76 uptime is 47 weeks, 6 days, 7 hours, 32 minutes
System returned to ROM by power-on
System restarted at 15:05:25 MESZ Tue Jun 14 2005
System image file is "flash:/c2950-i6q4l2-mz.121-22.EA1b.bin"

cisco WS-C2950G-48-EI (RC32300) processor (revision Q0) with 20873K 
bytes of memory.
Processor board ID XXXXX
Last reset from system-reset
Running Enhanced Image
48 FastEthernet/IEEE 802.3 interface(s)
2 Gigabit Ethernet/IEEE 802.3 interface(s)

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: xx:xx:xx:xx:xx:xx
Motherboard assembly number: 73-7409-12
Power supply part number: 34-0965-01
Motherboard serial number: XXXXX
Power supply serial number: XXXXX
Model revision number: Q0
Motherboard revision number: A0
Model number: WS-C2950G-48-EI
System serial number: XXXXXX
Configuration register is 0xF

CatXX#sh run int fast 0/22
interface FastEthernet0/22
  description XXX
  switchport access vlan 721
  switchport mode access
  switchport nonegotiate
  switchport port-security
  switchport port-security mac-address sticky
  switchport port-security mac-address sticky 0000.1111.2222
  no snmp trap link-status
  no cdp enable
  spanning-tree portfast
end

CatXX#sh int fast 0/22
FastEthernet0/22 is down, line protocol is down (notconnect)
   Hardware is Fast Ethernet, address is 0013.1953.xxxx (bia 0013.1953.xxxx)
   Description: XXX
   MTU 1500 bytes, BW 100000 Kbit, DLY 1000 usec,
      reliability 255/255, txload 1/255, rxload 1/255
   Encapsulation ARPA, loopback not set
   Keepalive set (10 sec)
   Auto-duplex, Auto-speed, media type is 100BaseTX
   input flow-control is unsupported output flow-control is unsupported
   ARP type: ARPA, ARP Timeout 04:00:00
   Last input 29w0d, output 01:18:10, output hang never
   Last clearing of "show interface" counters 3d12h
   Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
   Queueing strategy: fifo
   Output queue: 0/40 (size/max)
   5 minute input rate 0 bits/sec, 0 packets/sec
   5 minute output rate 0 bits/sec, 0 packets/sec
      276641 packets input, 102028305 bytes, 0 no buffer
      Received 1969 broadcasts (0 multicast)
      0 runts, 0 giants, 0 throttles
      0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
      0 watchdog, 1189 multicast, 0 pause input
      0 input packets with dribble condition detected
      797521 packets output, 121800493 bytes, 0 underruns
      0 output errors, 0 collisions, 0 interface resets
      0 babbles, 0 late collision, 0 deferred
      0 lost carrier, 0 no carrier, 0 PAUSE output
      0 output buffer failures, 0 output buffers swapped out

CatXX#sh int fast 0/22 switchport
Name: Fa0/22
Switchport: Enabled
Administrative Mode: static access
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: Off
Access Mode VLAN: 721 (XXX)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none

2.anyone know about: vlan trunking with catalyst 1900 to any other ios device (catalyst 2950)

3.anyone know about: vlan trunking with catalyst 1900 to any other ios device (catalyst 2950)

4.Settinup 802.ix authentication with cisco 2950 and Micorsoft IAS 

I have a project to stop rogue users form pluging onto my network. I
have seen where cisco switches can do port authentication with a radius
server. I would like to setup and IAS server on win2k3 as my radius
server. Can anyone provide me with configuration guides to configure
the switch as well as the IAS server? I would really appreciate the
assistance.

PWM

5.Debug mac access-list extended 2950 

Is there a way to debug extended mac access-lists?  I have not found
anything on the Cisco Web Sit or in my switch doc.

My layer2 acl is blocking everything and I do not have any way of
seeing what is happening.  show access-list does not provide a count of
deny frames.  All the debug commands I looked at are for layer3&4
ACL's.

Any suggestions would be appreciated.

6. 2950 switch - max mac-add table size?

7. Port-security mac address on 2950

8. 2950 empty mac address table

Post a reply

Return to cisco

 

Who is online

Users browsing this forum: No registered users and 50 guest

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group