Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

5308xl and Dynamic Vlans

Forrest_2
Occasional Visitor

5308xl and Dynamic Vlans

Hello all. We have a single 5308xl in our core with several 2650's at the edge. I am now needing to do mac based dynamic vlans (I think the Cisco term is VMPS). Anyways, I need to assign specific mac's to specific vlans. Any MAC not registered in the database needs to be placed in a "quarantine" vlan giving them restricted access. We have a worm get unleashed on our network and it crushed it for 4 days until we got it fixed. I don't want this to happen again.

Does anyone have any config examples for what I am wanting to accomplish?

Sincerely,
Forrest
4 REPLIES
Sietze Reitsma
Respected Contributor

Re: 5308xl and Dynamic Vlans

2600 series will support MAC-authentication within a few weeks. Firmware should be avail on the web. Together with a radius and a vlan attribute in radius, you can map MAC adresses to Vlans completely dynamic.

5300xl already supports it. So the manual will help you.

If auth. fails then you can map to an unauth. vlan (quarantine vlan)


Forrest_2
Occasional Visitor

Re: 5308xl and Dynamic Vlans

Where in the manual is it? I downloaded the advanced traffic managemnent guide and while there were many references to vlans, I couldn't find one regarding MAC based authentication.

Thanks again!
Les Ligetfalvy
Esteemed Contributor

Re: 5308xl and Dynamic Vlans

Try looking in the Access Security Guide.
Forrest_2
Occasional Visitor

Re: 5308xl and Dynamic Vlans

Thank you very much!