09-23-2015 05:29 AM
When we implemented our Aruba Network back in 2012 we put in a RADIUS server and began doing 802.1x auth with all capable clients. Since day one, we had issues with domain-joined machines and Machine Authentication. We setup roles where if a device passes machine and user auth, they get full access to our LAN but if they fail machine auth, they are placed in a BYOD role. Various laptops would start out in the full access role but randomly (while in use) move to the BYOD role causing users applications to freeze. We tried everything and eventually settled on issue with the chipsets in the laptops being the issue and turned off machine authentication.
Now, after removing all these devices and replacing them with new ones, upon turning machine authentication back on we are having the same issue. Has anyone run into a similar situation and how was it resolved?
09-23-2015 05:37 AM
Which radius server is this? What rules are you using on the radius server and what attributes are you sending back to differentiate between BYOD and machine authenticated?
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs