Hey all,
Am wonderng if there are any other solutions for dynamic assignment of vlans other than URT (whihc seems overly expensive) and VMPS (server only seems to work on CatOS whihc none my switches run)? Basically I want to set up a conference room and our guest area where any unknown MAC addresses that gets plugged in will b e sent on one vlan and trusted laptops in our network gets put on another.
Thanks!
Well if you have a RADIUS server, then see
Or perhaps you could set up two VLANS - one with an open SSID (for guest) and the other SSID can be authenticated (using FAST_EAP for example).
You could also apply a MAC filter to the secure SSID using the dot11 association mac-list command.
I do but can that also be applied to a wired network (not touching wireless yet)?
Thanks.
Merv wrote:
what switch and IOS version ?
take a look at 802.1x authentication and dynamic VLAN assignment
Hmm, would this break tacacs+ on the switches? I've added them all to SecureACS for authentication and authorization for the admins here, and also am using local accounts on the devices in case the ACS server is unreachable.
Merv wrote:
If you have SecureACS then take a look at the Network Admission Control feature (NAC)
No. Dot1x will not break tacacs+. two separate things.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.