MAC Authentication Bypass on Catalyst 2950 supported?

cisco

    Sponsored Links

    Next

  • 1. Multiple IP addresses for Dialer0
    How can I configure additional external IP addresses for the cisco877-K9 router ? I need this as I have a number of webservers behind the router. I am using ADSL PPPoE and have 5 IP addresses to assign to the router but can only manage to make one work. IOS or SDM solutions are fine.
  • 2. ASA 5505 help
    We switched ISP's and had a PIX 515e. The new firewall is a ASA 5505. We use a managed service to configure our Cisco gear. When we switched to the ASA 5505 we are not able to get out to the web behind a Linksys router. The router IP is on the on main lan and behind the router is another lan. It works fine until we added a static map from the outside IP of the ISP to the IP of the Linksys router. If we delete the static map it works. My cisco guy is telling me the ASA is considering this a hack and it won't work. I don't buy this answer as it worked on the PIX and there must be some sort of work around.
  • 3. Multicast / IGMP Forwarding
    How could I set up the 2621XM router to forward IGMP packets from interface Ethernet0 to interface Ethernet1 and vice versa without using PIM?
  • 4. route Maps with OSPF for set ip next-hop
    Situation: 3845 router with multiple Virtual Tunnel Interfaces facing the Internet and two Interfaces facing a PIX firewall. Need: Routes to certain tunnels must be available from the PIX via a specific interface (one of the two). Question: Can a route map be used with the outbound LSAs to specify the next hop that the PIX knows about ? In other words, I want to run a route map on the 3845 that sets the "ip next-hop" that is advertised into OSPF. For example, the PIX would then know that network 10.0.0.0 /24 is available via interface G0 on the 3845 router and network 11.0.0.0/24 is available via interface G1 on the 3845 router. Note that I can make this happen by running 2 OSPF processes on the PIX and the router, but I would prefer to do it with route maps. Both interfaces on the 3845 router can be in the same area or different areas, whichever is necessary to make this thing work. Bottom line, can route maps with the set ip next-hop command be used to control the information that an OSPF participant receives?

MAC Authentication Bypass on Catalyst 2950 supported?

Postby Daniel Alex » Fri, 16 May 2008 12:41:13 GMT

Hi all,

Which IOS release that supports MAC Authentication Bypass (MAB) for Catalyst 
2950 switch? Currently I have 12.1-22 EA8a version and I would like to use 
this feature.

Thanks very much.

Regards,

Daniel 


Similar Threads:

1.Problems with Catalyst 2950 and Mac OS X 10.4 Systems

Hello,

since we have replaced our Catalyst 2924XL switches with Catalyst 2950 
we get more and more problems with Apple Macintosh OS X 10.4 Systems 
with G5 processors.
The systems get their static IP addresses from two SuSE Linux 
DHCP-Servers. In our campus-LAN 76 VLANs are configured.

Normally everything works well, but sometimes some Mac OS X 10.4 systems 
lose suddenly their server mounts.
Sometimes other Mac OS X 10.4 systems dont get an IP address while 
booting. After a reboot it works regularly.
Deactivating the port-security doesnt help.
"Spanningtree portfast" and "switchport nonegotiate" is configured on 
the switchport.

Has anyone a hint on this problem?
Thanks in advance!
Kai Matthies

----
Our configuration:

CatXX#sh vers
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA1b, RELEASE 
SOFTWARE (fc1)
Copyright (c) 1986-2004 by cisco Systems, Inc.
Compiled Tue 24-Aug-04 00:12 by yenanh
Image text-base: 0x80010000, data-base: 0x8055C000

ROM: Bootstrap program is C2950 boot loader

Cat76 uptime is 47 weeks, 6 days, 7 hours, 32 minutes
System returned to ROM by power-on
System restarted at 15:05:25 MESZ Tue Jun 14 2005
System image file is "flash:/c2950-i6q4l2-mz.121-22.EA1b.bin"

cisco WS-C2950G-48-EI (RC32300) processor (revision Q0) with 20873K 
bytes of memory.
Processor board ID XXXXX
Last reset from system-reset
Running Enhanced Image
48 FastEthernet/IEEE 802.3 interface(s)
2 Gigabit Ethernet/IEEE 802.3 interface(s)

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: xx:xx:xx:xx:xx:xx
Motherboard assembly number: 73-7409-12
Power supply part number: 34-0965-01
Motherboard serial number: XXXXX
Power supply serial number: XXXXX
Model revision number: Q0
Motherboard revision number: A0
Model number: WS-C2950G-48-EI
System serial number: XXXXXX
Configuration register is 0xF

CatXX#sh run int fast 0/22
interface FastEthernet0/22
  description XXX
  switchport access vlan 721
  switchport mode access
  switchport nonegotiate
  switchport port-security
  switchport port-security mac-address sticky
  switchport port-security mac-address sticky 0000.1111.2222
  no snmp trap link-status
  no cdp enable
  spanning-tree portfast
end

CatXX#sh int fast 0/22
FastEthernet0/22 is down, line protocol is down (notconnect)
   Hardware is Fast Ethernet, address is 0013.1953.xxxx (bia 0013.1953.xxxx)
   Description: XXX
   MTU 1500 bytes, BW 100000 Kbit, DLY 1000 usec,
      reliability 255/255, txload 1/255, rxload 1/255
   Encapsulation ARPA, loopback not set
   Keepalive set (10 sec)
   Auto-duplex, Auto-speed, media type is 100BaseTX
   input flow-control is unsupported output flow-control is unsupported
   ARP type: ARPA, ARP Timeout 04:00:00
   Last input 29w0d, output 01:18:10, output hang never
   Last clearing of "show interface" counters 3d12h
   Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
   Queueing strategy: fifo
   Output queue: 0/40 (size/max)
   5 minute input rate 0 bits/sec, 0 packets/sec
   5 minute output rate 0 bits/sec, 0 packets/sec
      276641 packets input, 102028305 bytes, 0 no buffer
      Received 1969 broadcasts (0 multicast)
      0 runts, 0 giants, 0 throttles
      0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
      0 watchdog, 1189 multicast, 0 pause input
      0 input packets with dribble condition detected
      797521 packets output, 121800493 bytes, 0 underruns
      0 output errors, 0 collisions, 0 interface resets
      0 babbles, 0 late collision, 0 deferred
      0 lost carrier, 0 no carrier, 0 PAUSE output
      0 output buffer failures, 0 output buffers swapped out

CatXX#sh int fast 0/22 switchport
Name: Fa0/22
Switchport: Enabled
Administrative Mode: static access
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: Off
Access Mode VLAN: 721 (XXX)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none

2.anyone know about: vlan trunking with catalyst 1900 to any other ios device (catalyst 2950)

3.anyone know about: vlan trunking with catalyst 1900 to any other ios device (catalyst 2950)

4.Settinup 802.ix authentication with cisco 2950 and Micorsoft IAS

I have a project to stop rogue users form pluging onto my network. I
have seen where cisco switches can do port authentication with a radius
server. I would like to setup and IAS server on win2k3 as my radius
server. Can anyone provide me with configuration guides to configure
the switch as well as the IAS server? I would really appreciate the
assistance.

PWM

5.Debug mac access-list extended 2950

Is there a way to debug extended mac access-lists?  I have not found
anything on the Cisco Web Sit or in my switch doc.

My layer2 acl is blocking everything and I do not have any way of
seeing what is happening.  show access-list does not provide a count of
deny frames.  All the debug commands I looked at are for layer3&4
ACL's.

Any suggestions would be appreciated.

6. 2950 switch - max mac-add table size?

7. Port-security mac address on 2950

8. 2950 empty mac address table



Return to cisco

 

Who is online

Users browsing this forum: No registered users and 27 guest