Security

Reply
New Contributor

HP procurve 2610&2910 series mac and dot1x on same port for IP telephony and machine

Hi, i face an issue on how to configure the mac-auth and 802.1x on the same port so can support ip telephony and a computer machine behind it. problem is the following models of HP: HP 2610 PN: J9089A HP 2910 PN : J9146A HP 2920 PN J9729A only support user-based 802.1x and mac-based auth, however HP in this mode assume that whatever connect to the port it authenticated successfully on access tracker but keep seeing failure on the machine. please help.

Re: HP procurve 2610&2910 series mac and dot1x on same port for IP telephony and machine

this question is probably better served in the HP forum.
Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
Aruba Employee

Re: HP procurve 2610&2910 series mac and dot1x on same port for IP telephony and machine

This should be possible: (a couple of models are older so it's possible it was different on those models, but I don't think so... the below should apply)

 

The key is that the 1x configuration on the port has to be configured to support multi-host (authenticate each device individually vs. port-mode which will open the port after it's authenticated). 

 

aaa port-access authenticator <interface(s)>

aaa port-access authenticator <interface(s)> client-limit <limit>

aaa port-access mac-based <interfaces(s)>

 

If you try to enable mac-based on the port prior to specifying the port for 1x multi-host you will get an error.  The 2 conflict as 1x port based will authenticate the port for all once authenticated.

 

you also need aaa port-access authenticator active

(and the appropriate radius configuration)

 

Hope it helps

PL

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: