Remote Networking

Reply

RAP and wired-port dot1x with Layer 2 switch

Hi,

So according to the VRD, a Layer 2 switch should not be in between the clients and RAP if dot1x authentication is used.

So what to do if there are more wired clients than ports on the RAP?

Any ideas?

Thanks :rolleyes:

If my post is helpful please give kudos, or mark as solved if it answers your post.

ACCP, ACCX #817, ACMP, ACMX #294
Guru Elite

Re: RAP and wired-port dot1x with Layer 2 switch

The problem is that the first switch to see an EAPol or 802.1x frame either has to handle it or drop it. Your only option may be to find a switch that can be configured with 802.1x passthrough support or put a hub out there...


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Re: RAP and wired-port dot1x with Layer 2 switch

What about plugging another RAP into it, will that work? Probably not the most economical usage of a RAP though.

If my post is helpful please give kudos, or mark as solved if it answers your post.

ACCP, ACCX #817, ACMP, ACMX #294
Guru Elite

Re: RAP and wired-port dot1x with Layer 2 switch

Not supported.....:(


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: RAP and wired-port dot1x with Layer 2 switch

If the Layer2 switch supports 802.1x auth, could it be configured to perform the "STOP, Who goes there!?" and authenticate against the same back-end system as the controller?
Guru Elite

Re: RAP and wired-port dot1x with Layer 2 switch

Most switches authenticate directly to a radius server for that function, and you cannot point that to a controller. If you could configure a switch like that, you would lose policy-based enforcement. Aruba's New Corvina switch provides this functionality, however.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: