Passing MAC between VLANs??

[disturbedone]

I have a Catalyst 4507 as the core router in our network. There are multiple VLANs eg VLAN10 (physical serverz), VLAN11 (virtual servers), VLAN61 (WiFi devices).

The supplier of our proxy/web filter has upgraded their software to include a new feature that stores MAC addresses (as opposed to IP addresses) against usernames so when a device connects the user isn't prompted for authentication. This would work better than IP address authentication (various reasons, no point in detailing) so it would be good to use. However it doesn't work and they've said it's because of the router but whether there is a solution or not.......well, that's why I'm here.

The proxy is on VLAN11. The WiFi devices are on VLAN61. They're routed in the Catalyst. Is there a way to get the MAC of devices passed across from VLAN61 to VLAN11 so that the proxy can see this and store it? If so, how?

 

[imbadatthis]

sounds like your supplier implemented 802.1x ....
assuming your wireless access-points are normal you should be able to configure .1x on them as well and use the server as the authenticator..


We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.

 

[disturbedone]

802.1X is another story. That already exists and will be implemented in a few months time - I'm waiting on an upgrade to the WiFi system to fix an issue.

But in the mean time the proxy supplier has released this new feature. It will be designed as a simple way of remembering devices for small environments where implementing RADIUS would be too complex/expensive/time consuming. It would just be good to be able to implement this now as the issues caused by remembering IPs cause constant problems.