Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

8021x Machine authentication

This thread has been viewed 2 times

  • 1.  8021x Machine authentication

    Posted May 23, 2014 03:00 AM
      |   view attached

    Hi everyone I have a problem with client authentication. I want to allow domain clients to authenticate to the internal vlan on the 10.1.150 network. If the client is not a domain member then it should be placed onto the guest network 192.168.1. I have enabled Enforce Machine Authentication and set the Default machine role to authenticated and the Default User Role to 802.1xUser (guest role). My problem is that some non-domain member clients are being given the internal vlan on the 10.1.150 network even though they have been placed into the 802.1xUser role. I have attached an image, the circles in red indicate wrong subnet green is correct. Any ideas? 7210 Controller OS version 6.3.1.6 Thanks


    #7210


  • 2.  RE: 8021x Machine authentication

    Posted May 23, 2014 03:27 AM

    The Auth Type would suggest that particular user is getting the 802.1X Authentication Default Role from the AAA profile and not the default user role under Machine Authentication. Are there differences in the device type?



  • 3.  RE: 8021x Machine authentication
    Best Answer

    Posted May 23, 2014 03:30 AM

    Hi Greg, 

     

    so i belive you are usign RBV (role based VLAN). in 6.3.1.6, we have found a bug with RVB and it is fixed in 6.3.1.7. 



  • 4.  RE: 8021x Machine authentication

    Posted May 23, 2014 03:45 AM

    Hi Vinod

     

    Thanks, I will do an upgrade.

     

    Regards

     

    Greg