dynamic vlan assignment besides vmps

Discussion in 'Cisco' started by psychogenic, Apr 20, 2006.

  1. psychogenic

    psychogenic Guest

    Hey all,

    Am wonderng if there are any other solutions for dynamic assignment of
    vlans other than URT (whihc seems overly expensive) and VMPS (server
    only seems to work on CatOS whihc none my switches run)? Basically I
    want to set up a conference room and our guest area where any unknown
    MAC addresses that gets plugged in will b e sent on one vlan and
    trusted laptops in our network gets put on another.

    psychogenic, Apr 20, 2006
  2. psychogenic

    Merv Guest

    Merv, Apr 20, 2006
  3. psychogenic

    Merv Guest

    Or perhaps you could set up two VLANS - one with an open SSID (for
    guest) and the other SSID can be authenticated (using FAST_EAP for

    You could also apply a MAC filter to the secure SSID using the
    dot11 association mac-list command.
    Merv, Apr 20, 2006
  4. psychogenic

    psychogenic Guest

    I do but can that also be applied to a wired network (not touching
    wireless yet)?

    psychogenic, Apr 20, 2006
  5. psychogenic

    Merv Guest

    what switch and IOS version ?
    Merv, Apr 20, 2006
  6. psychogenic

    psychogenic Guest

    backbone is 6500 running IOS v 12.2, and our on floor switches are made
    up of 3550s and some 3500XLs, all running IOS v 12.2
    psychogenic, Apr 20, 2006
  7. psychogenic

    Merv Guest

    Merv, Apr 20, 2006
  8. psychogenic

    psychogenic Guest

    Hmm, would this break tacacs+ on the switches? I've added them all to
    SecureACS for authentication and authorization for the admins here, and
    also am using local accounts on the devices in case the ACS server is
    psychogenic, Apr 20, 2006
  9. psychogenic

    Merv Guest

    Merv, Apr 20, 2006
  10. psychogenic

    C Kim Guest

    No. Dot1x will not break tacacs+. two separate things.
    C Kim, Apr 20, 2006
