Security

Reply
Occasional Contributor II
Posts: 15
Registered: ‎05-10-2014

mac-address as username & password

Hi, I have setup a Guest SSID to bypass the captive portal to list of mac addresses. I am following this tutorial http://ccie25938.blogspot.nl/2011/12/aruba-controller-authentication.html

I have added the few devices mac address to the Internal DB by typing the mac address on the username & password field with the role as authenticated.

 

The devices that matches the mac address now bypass the captive portal authentication which is working, however, if somebody knows the mac address from the bypass list, then they can type it on the username and password box to authenticate their device. Is this normal behaviour ?

 

Any help would be much appreciated, thank you.

Guru Elite
Posts: 20,416
Registered: ‎03-29-2007

Re: mac-address as username & password

Yes, because you are using the same database for both types of authentication.  You would need an external policy server like clearpass to deal with that issue, so that it can use a different database for user and mac authentication.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: