MAC Authentication Bypass on Catalyst 2950 supported?

cisco

    Sponsored Links

    Next

  • 1. SOHO 91 / IOS
    I bought a SOHO 91 router from PC Connection about 4 months ago and have the following IOS: SOHO91-K9OY6-M, Version 12.2(8)YN I'm reading that CRWS is absolutely horrible and that I want to upgrade to SDM. I'm trying to do that but I think that I need to upgrade my IOS. True? Does Cisco require me to have a contract in order to get the latest IOS? I'm an end user and don't really want to purchase an enterprise contract to upgrade my IOS. But, is this what Cisco demands? Thanks for the help. Curtis
  • 2. BGP load sharing unequal paths - how would you do it?
    Right now I have a 7204 load sharing four T1's. Two from MCI and two from Global Crossing. We run BGP and announce a class C range that we own, over both ISP's. We get full routing tables from both. It has given us pretty even load-sharing considering both MCI and GBX are Tier 1 providers. This method has been fine for years but it is about to change. The Global Crossing connection is going up to a partial DS3 (18Mb woohoo!), while the MCI will remain at 3Mb total for now. It may go up to 3 or 4 T1's later, but right now the ratio is 3Mb to 18Mb. All Internet routes need to be available to both ISP's, so failover and redundancy are important. I don't want to limit the BGP updates I get from MCI to balance the links. What is the best way to load-share disproportionate links? If at all possible, I would like most of the traffic to go over the Global Crossing T3 with only the closest ASN's getting time on MCI. And if the Global Crossing DS3 took a dive, I'd want everything to route over MCI until it was restored. What is the best practice being used today to solve this question? Or would it be better just to treat the MCI circuits as a pure backup since in 95% of the instances, the Global circuit would be faster? -Robert
  • 3. vlan database
    Hi We have Router 7200 and we have VLANs defined on that router. I would like tu add a new vlan but when I try to do that I have problem with this: I connect to router then go to exec mode with command enable and then I don't know how to go in vlan mode. I type vlan database and I get message unknown command Thanks
  • 4. SIP and H323 dialout simultaniously
    Hello, does anyone know if its possible to config dialout via T1/E1 simultaniously for H323 and SIP? thanx, Stylz --- Email adress is not valid. Please reply to group.
  • 5. Strange little problem with duplex on Cisco 3550
    Anyone noticed problems saving the duplex settings of ports on catalyst 3550 switches, running 12.1(14)EA1a We can configure duplex settings via CLI, but "show running-config" does not show the duplex setting (???). When configuring the same port via Cisco Cluster software, the setting is saved (and is visible in cli config) Bizar....... mvg, Geert

MAC Authentication Bypass on Catalyst 2950 supported?

Postby Daniel Alex » Fri, 16 May 2008 12:41:13 GMT

Hi all,

Which IOS release that supports MAC Authentication Bypass (MAB) for Catalyst 
2950 switch? Currently I have 12.1-22 EA8a version and I would like to use 
this feature.

Thanks very much.

Regards,

Daniel 


Similar Threads:

1.Problems with Catalyst 2950 and Mac OS X 10.4 Systems

Hello,

since we have replaced our Catalyst 2924XL switches with Catalyst 2950 
we get more and more problems with Apple Macintosh OS X 10.4 Systems 
with G5 processors.
The systems get their static IP addresses from two SuSE Linux 
DHCP-Servers. In our campus-LAN 76 VLANs are configured.

Normally everything works well, but sometimes some Mac OS X 10.4 systems 
lose suddenly their server mounts.
Sometimes other Mac OS X 10.4 systems dont get an IP address while 
booting. After a reboot it works regularly.
Deactivating the port-security doesnt help.
"Spanningtree portfast" and "switchport nonegotiate" is configured on 
the switchport.

Has anyone a hint on this problem?
Thanks in advance!
Kai Matthies

----
Our configuration:

CatXX#sh vers
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA1b, RELEASE 
SOFTWARE (fc1)
Copyright (c) 1986-2004 by cisco Systems, Inc.
Compiled Tue 24-Aug-04 00:12 by yenanh
Image text-base: 0x80010000, data-base: 0x8055C000

ROM: Bootstrap program is C2950 boot loader

Cat76 uptime is 47 weeks, 6 days, 7 hours, 32 minutes
System returned to ROM by power-on
System restarted at 15:05:25 MESZ Tue Jun 14 2005
System image file is "flash:/c2950-i6q4l2-mz.121-22.EA1b.bin"

cisco WS-C2950G-48-EI (RC32300) processor (revision Q0) with 20873K 
bytes of memory.
Processor board ID XXXXX
Last reset from system-reset
Running Enhanced Image
48 FastEthernet/IEEE 802.3 interface(s)
2 Gigabit Ethernet/IEEE 802.3 interface(s)

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: xx:xx:xx:xx:xx:xx
Motherboard assembly number: 73-7409-12
Power supply part number: 34-0965-01
Motherboard serial number: XXXXX
Power supply serial number: XXXXX
Model revision number: Q0
Motherboard revision number: A0
Model number: WS-C2950G-48-EI
System serial number: XXXXXX
Configuration register is 0xF

CatXX#sh run int fast 0/22
interface FastEthernet0/22
  description XXX
  switchport access vlan 721
  switchport mode access
  switchport nonegotiate
  switchport port-security
  switchport port-security mac-address sticky
  switchport port-security mac-address sticky 0000.1111.2222
  no snmp trap link-status
  no cdp enable
  spanning-tree portfast
end

CatXX#sh int fast 0/22
FastEthernet0/22 is down, line protocol is down (notconnect)
   Hardware is Fast Ethernet, address is 0013.1953.xxxx (bia 0013.1953.xxxx)
   Description: XXX
   MTU 1500 bytes, BW 100000 Kbit, DLY 1000 usec,
      reliability 255/255, txload 1/255, rxload 1/255
   Encapsulation ARPA, loopback not set
   Keepalive set (10 sec)
   Auto-duplex, Auto-speed, media type is 100BaseTX
   input flow-control is unsupported output flow-control is unsupported
   ARP type: ARPA, ARP Timeout 04:00:00
   Last input 29w0d, output 01:18:10, output hang never
   Last clearing of "show interface" counters 3d12h
   Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
   Queueing strategy: fifo
   Output queue: 0/40 (size/max)
   5 minute input rate 0 bits/sec, 0 packets/sec
   5 minute output rate 0 bits/sec, 0 packets/sec
      276641 packets input, 102028305 bytes, 0 no buffer
      Received 1969 broadcasts (0 multicast)
      0 runts, 0 giants, 0 throttles
      0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
      0 watchdog, 1189 multicast, 0 pause input
      0 input packets with dribble condition detected
      797521 packets output, 121800493 bytes, 0 underruns
      0 output errors, 0 collisions, 0 interface resets
      0 babbles, 0 late collision, 0 deferred
      0 lost carrier, 0 no carrier, 0 PAUSE output
      0 output buffer failures, 0 output buffers swapped out

CatXX#sh int fast 0/22 switchport
Name: Fa0/22
Switchport: Enabled
Administrative Mode: static access
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: Off
Access Mode VLAN: 721 (XXX)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none

2.anyone know about: vlan trunking with catalyst 1900 to any other ios device (catalyst 2950)

3.anyone know about: vlan trunking with catalyst 1900 to any other ios device (catalyst 2950)

4.Settinup 802.ix authentication with cisco 2950 and Micorsoft IAS

I have a project to stop rogue users form pluging onto my network. I
have seen where cisco switches can do port authentication with a radius
server. I would like to setup and IAS server on win2k3 as my radius
server. Can anyone provide me with configuration guides to configure
the switch as well as the IAS server? I would really appreciate the
assistance.

PWM

5.Debug mac access-list extended 2950

Is there a way to debug extended mac access-lists?  I have not found
anything on the Cisco Web Sit or in my switch doc.

My layer2 acl is blocking everything and I do not have any way of
seeing what is happening.  show access-list does not provide a count of
deny frames.  All the debug commands I looked at are for layer3&4
ACL's.

Any suggestions would be appreciated.

6. 2950 switch - max mac-add table size?

7. Port-security mac address on 2950

8. 2950 empty mac address table



Return to cisco

 

Who is online

Users browsing this forum: No registered users and 77 guest