Frequent Contributor II

MAC Auth Login Status REJECT

I'm hoping to have all devices that fail mac authentication be "accepted" from a login status perspective so I can extend CoA rights to our help desk so after the device is registered it can have it's session terminated. 


I made the default Profile "Allow Access Profile" and I created a condition "(Authorization:[Guest Device Repository]:AccountStatus  NOT_EXISTS   )". But authentication still fails.


I didn't know if I could add a secondary authenitcation source or if there was a way to get creative and say when username = mac then auth but hit a different enforcement policy...


Is this possible to do?





Guru Elite

Re: MAC Auth Login Status REJECT

You need to use Allow All MAC Auth and add a fail through rule that returns your captive portal role.

Tim Cappalli | Aruba Security
@timcappalli | | ACMX #367 / ACCX #480
Frequent Contributor II

Re: MAC Auth Login Status REJECT

Thanks Tim! I was on the right path. 


Search Airheads
Showing results for 
Search instead for 
Did you mean: