Security

Reply
Occasional Contributor I
Posts: 26
Registered: ‎01-07-2013

Use cases for MAC auth with 802.1x

I think I got this in the right board.  If not please direct me to the correct board.

I am evaluating how our AAA profiels are set up on our current SSIDs.  I have inherited the system and haven't really changed much since I took over.  On our main secure SSID we have both MAC auth and 802.1x enabled.  Why is it that we would want both enabled?  I might be missing something but I can't see a good reason to have both enabled on the network.  We have a separate network that is MAC auth with a CP specifically for legacy devices.  What would the impact fo disabling MAC auth on our main network look like?

 

We are a higher ed institution running AOS 6.4.3.7 with about 1100 APs and 6 M3MK1 modules in 2 6000 chassis.

Guru Elite
Posts: 7,991
Registered: ‎09-08-2010

Re: Use cases for MAC auth with 802.1x

In most cases, you would want to use a MAC address as an authorization source on an external policy server as part of a policy decision, not as part of authentication. 

Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
Search Airheads
Showing results for 
Search instead for 
Did you mean: