09-05-2014 01:54 PM
If using the Instants with 802.1X (external) and MAC authentication, where do the MAC addresses need to be entered? Can the MAC addresses be entered in the Internal Database, and then use the external RADIUS server for 802.1X, or do they both need to use the external RADIUS server? If the MAC addresses have to be authenticated by the RADIUS server, is there any documentation on how to configure the RADIUS server? Thanks!
Solved! Go to Solution.
09-05-2014 02:05 PM
09-05-2014 02:14 PM - edited 08-10-2015 05:23 AM
I'm using Windows Server 2008 NPS. If I just use RADIUS authentication I can connect to the SSID. If I check the box "Perform MAC authentication before 082.1X" I can't get connected. I was thinking I could put the MAC address of the client in the Internal Database as both the username and the password, but that doesn't seem to work. I noticed in the user guide that it states "MAC authentication shares all the authentication server configurations with 802.1X authentication," which seems to indicate that my Windows NPS server should authenticate the MAC address. Is that correct?
09-05-2014 02:16 PM - edited 09-05-2014 02:17 PM
Yes, they must be the same server.
The only way to support MAC authentication in NPS is to create AD users with the MAC address as the username and password (which is not feasible in most environments).
What are you trying to accomplish using MAC-auth and dot1X?
09-05-2014 02:17 PM
US: +1 650 996-3520
China: +86 136 2121 6844