Security

Reply
Highlighted

Printer MAC Authentication issue after enabling Port Access on the Switch

I have added the printer MAC Address in Endpoints.  Once Port Access is enabled on that switch port the printer goes offline.  We have it setup this way for all other printers and they don't have any issues.  If I turn off Port config they printer comes back online.  It's and HP LaserJet M553.  Any suggestions would be appreciated.

 

Thank you,

 

Guru Elite

Re: Printer MAC Authentication issue after enabling Port Config

What is “port config”?

Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480

Re: Printer MAC Authentication issue after enabling Port Config

The Port Access settings on the Switch

 

no aaa port-access authenticator 25
no aaa port-access authenticator 25 client-limit
no aaa port-access mac-based 25
aaa port-access authenticator 25 supplicant-timeout 30
aaa port-access authenticator 25 tx-period 30

Re: Printer MAC Authentication issue after enabling Port Access on the Switch

Are you seeing anything in Access Tracker if the device attempting to authenticate ?

What type of switch are you using ?
Pardon typos sent from Mobile
Thank you

Victor Fabian
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA

Re: Printer MAC Authentication issue after enabling Port Access on the Switch

Is this happening just for this printer?

 

Some printers have the habit to go into sleep mode after a period of inactivity, to save power. In such a state, the device only responds to arp requests (and other direct traffic) and will wake up again. If you enable mac-authentication on the port during such a sleep period, it will appear that the device drops off until it generates traffic again. 

 

If you don't see an authentication request after enabling mac-authentication on the port, try disconnecting the cable (or disable port) and reconnect (or enable); as last resort reboot printer and you should see MAC authentication happen.

 

As when printers go to sleep, the authentication might time out and get disconnected, in the ArubaOS switches version 16.05 a feature called MAC Pinning was introduced to solve this issue by keeping the authentication active till the device starts sending traffic again. Check out: http://community.arubanetworks.com/t5/Campus-Switching-and-Routing/What-are-the-new-AAA-security-features-introduced-in-ArubaOS/td-p/412700

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).
New Contributor

Re: Printer MAC Authentication issue after enabling Port Access on the Switch

Hi,

Try to change the logoff timer, it worked for me in a few installations.

The probleme happens with printers, which go asleep.

You could set the time for mac and 802.1x

aaa port-access authenticator 1-48 logoff-period 430000
aaa port-access mac-based 1-48 logoff-period 3000000

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: