Wired Networks

How L2- Auth Failthrough works on MAS ?

Aruba Employee

When enabling both MAC authentication and 802.1X authentication on a port, MAS offers a feature called "L2 Authentication Fail Through", which allows mixed authentication modes.  If L2 auth fail through is not enabled, both the MAC authentication and the 802.1X authentication must be successful before the user is given access.  Enabling L2 auth fail through allows the user to fail MAC authentication and still proceed to 802.1X authentication.  See the Mixed Authentication Modes table for the possible role assignments based on MAC/802.1X authentication results.


Mixed Authentication Modes when L2 Authentication Fail Through is Enabled

Authentication

1

2

3

4

5

6

MAC authentication

Success

Success

Success

Fail

Fail

Fail

802.1X authentication

Success

Fail

Client not configured for EAP

Success

Fail

Client not configured for EAP

Role Assignment

802.1x

MAC

802.1x

logon

 
Version history
Revision #:
1 of 1
Last update:
‎06-26-2014 10:31 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.