Gurus,
i'm trying to do authentication with clearpass using Aruba 3810 switch. i've succesfully tested 802,1x with the cisco voip phone and laptop with 802.1x enable succesfully authenticated and get the correct VLAN..
but if the laptop is not configured with 802.1x enabled, it failed to redirect to the captive portal to authenticate, the laptop didnt get IP address but inside clearpass im able to see that the client is pushed with the correct profile for the captive portal login
is this can be done? the cisco phone will be mac auth, the client conneected to the phone will do mac auth also..
Voice VLAN: 854
data VLAN: 351
switch: Aruba 3810 (16.04.0009)
config:
aaa server-group radius "CPPM" host 10.50.6.76
aaa accounting update periodic 1
aaa accounting network start-stop radius server-group "CPPM"
aaa authentication port-access eap-radius authorized
aaa authentication web-based chap-radius server-group "CPPM"
aaa authentication mac-based chap-radius server-group "CPPM"
aaa authentication captive-portal enable
interface x
untagged vlan 351
tagged vlan 854
aaa port-access authenticator
aaa port-access authenticator x auth-vid 351
aaa port-access authenticator active
aaa port-access authenticator x client-limit 3
aaa port-access mac-based
aaa port-access mac-based 13 auth-vid 351