Wireless Access

Hi,

 

We have 7210 controller with latest AOS.

How can we achieve 802.1x to mac address authentication fallback(without radius) for single SSID on controller.

Some more detail : suppose user is not able to login using 802.1x(credential) and his mac address present in controller local database then that user should get access. or vice versa.

 

Thank you..

 

 

Successful 802.1x authentication is required to allow any user onto a 802.1x ssid as per the standard. Failure means no connection is allowed.

Hmm.. I might be misunderstanding the question but I´m pretty sure I´ve done what you´re asking for with l2-auth-fail-through. This won´t work if the client "fails" 802.1X though, might be the same if the radius request times out. You want to protect yourself from RADIUS server failure with this or what´s the purpose?

 

From the user guide:

 

Will that work for you?

 

Cheers,

"Some more detail : suppose user is not able to login using 802.1x(credential) and his mac address present in controller local database then that user should get access. or vice versa."

 

If the user is not able to login using 802.1x, the user will not get on the network, regardless of the configuration..

This is not possible. 802.1X cannot be combined with other authentication
methods. MAC address can be used during authorization with 802.1X.