Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

HP procurve 2610&2910 series mac and dot1x on same port for IP telephony and machine

  • 1.  HP procurve 2610&2910 series mac and dot1x on same port for IP telephony and machine

    Posted Jul 08, 2015 09:33 AM

    Hi, I face an issue on how to configure mac-auth and 802.1x on the same port so it can support IP telephony and a computer machine behind it. The problem is that the following HP models: HP 2610 (PN: J9089A), HP 2910 (PN: J9146A), HP 2920 (PN: J9729A) only support user-based 802.1x and mac-based auth; however, HP in this mode assumes that whatever connects to the port it authenticated successfully on access tracker, but I keep seeing failure on the machine. Please help.



  • 2.  RE: HP procurve 2610&2910 series mac and dot1x on same port for IP telephony and machine

    Posted Jul 08, 2015 04:30 PM
    This question is probably better served in the HP forum.


  • 3.  RE: HP procurve 2610&2910 series mac and dot1x on same port for IP telephony and machine

    EMPLOYEE
    Posted Jan 28, 2016 03:44 PM

    This should be possible: (a couple of models are older so it's possible it was different on those models, but I don't think so... the below should apply)

     

    The key is that the 1x configuration on the port has to be configured to support multi-host (authenticate each device individually vs. port-mode which will open the port after it's authenticated). 

     

    aaa port-access authenticator <interface(s)>
    aaa port-access authenticator <interface(s)> client-limit <limit>
    aaa port-access mac-based <interface(s)>

    If you try to enable mac-based on the port prior to specifying the port for 1x multi-host, you will get an error. The two conflict, as 1x port-based will authenticate the port for all once authenticated.

    You also need aaa port-access authenticator active

    (and the appropriate radius configuration)

     

    Hope it helps

    PL
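
An added example, not part of the thread or any HP/Aruba tooling: a small Python check over a switch configuration that flags ports where the conflict described in reply 3 applies (mac-based enabled while 802.1X has no client-limit, or 802.1X left in port mode). The sample configuration is constructed, and the port-list syntax it parses (comma-separated numbers and numeric ranges) is an assumption.

```python
import re

# Constructed sample configuration fragment (not taken from the thread).
SAMPLE_CONFIG = """\
aaa port-access authenticator 1-4
aaa port-access authenticator 1-2 client-limit 2
aaa port-access mac-based 1-3
aaa port-access authenticator active
"""

def expand_ports(spec):
    """Expand a port list such as '1-3,7' into a set of port names (assumed syntax)."""
    ports = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        if lo.isdigit() and hi.isdigit():
            ports.update(str(n) for n in range(int(lo), int(hi) + 1))
        else:
            ports.add(part)
    return ports

def audit(config):
    """Return a list of findings for 802.1X and MAC auth sharing a port."""
    dot1x, multi, mac, active = set(), set(), set(), False
    for line in (l.strip() for l in config.splitlines()):
        if line == "aaa port-access authenticator active":
            active = True
        elif m := re.fullmatch(r"aaa port-access authenticator (\S+) client-limit \d+", line):
            multi |= expand_ports(m.group(1))
        elif m := re.fullmatch(r"aaa port-access authenticator (\S+)", line):
            dot1x |= expand_ports(m.group(1))
        elif m := re.fullmatch(r"aaa port-access mac-based (\S+)", line):
            mac |= expand_ports(m.group(1))
    order = lambda p: (len(p), p)  # numeric-friendly sort for port names
    findings = []
    for p in sorted(mac - multi, key=order):
        findings.append(f"port {p}: mac-based set but 802.1X has no client-limit")
    for p in sorted(dot1x - multi - mac, key=order):
        findings.append(f"port {p}: 802.1X in port mode, one login opens the port for all")
    if (dot1x or multi) and not active:
        findings.append("aaa port-access authenticator active is missing")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```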