Security

last person joined: 8 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

mac-address as username & password

This thread has been viewed 5 times

  • 1.  mac-address as username & password

    Posted Jan 07, 2016 08:24 AM

    Hi, I have setup a Guest SSID to bypass the captive portal to list of mac addresses. I am following this tutorial http://ccie25938.blogspot.nl/2011/12/aruba-controller-authentication.html

    I have added the few devices mac address to the Internal DB by typing the mac address on the username & password field with the role as authenticated.

     

    The devices that matches the mac address now bypass the captive portal authentication which is working, however, if somebody knows the mac address from the bypass list, then they can type it on the username and password box to authenticate their device. Is this normal behaviour ?

     

    Any help would be much appreciated, thank you.



  • 2.  RE: mac-address as username & password
    Best Answer

    EMPLOYEE
    Posted Jan 07, 2016 08:45 AM

    Yes, because you are using the same database for both types of authentication.  You would need an external policy server like clearpass to deal with that issue, so that it can use a different database for user and mac authentication.