Wireless Access

Reply
Frequent Contributor II
Posts: 184
Registered: ‎04-17-2013

802.1x to mac authentication fallback

Hi,

 

We have 7210 controller with latest AOS.

How can we achieve 802.1x to mac address authentication fallback(without radius) for single SSID on controller.

Some more detail : suppose user is not able to login using 802.1x(credential) and his mac address present in controller local database then that user should get access. or vice versa.

 

Thank you..

 

 

Guru Elite
Posts: 8,792
Registered: ‎09-08-2010

Re: 802.1x to mac authentication fallback

This is not possible. 802.1X cannot be combined with other authentication
methods. MAC address can be used during authorization with 802.1X.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Guru Elite
Posts: 21,561
Registered: ‎03-29-2007

Re: 802.1x to mac authentication fallback

Successful 802.1x authentication is required to allow any user onto a 802.1x ssid as per the standard. Failure means no connection is allowed.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 315
Registered: ‎04-03-2014

Re: 802.1x to mac authentication fallback

[ Edited ]

Hmm.. I might be misunderstanding the question but I´m pretty sure I´ve done what you´re asking for with l2-auth-fail-through. This won´t work if the client "fails" 802.1X though, might be the same if the radius request times out. You want to protect yourself from RADIUS server failure with this or what´s the purpose?

 

From the user guide:

l2-auth.JPG

 

Will that work for you?

 

Cheers,

Christoffer Jacobsson | Aranya AB
Aruba: ACMX #537 ACCP | CWNP: CWNA CWDP CWSP
Guru Elite
Posts: 21,561
Registered: ‎03-29-2007

Re: 802.1x to mac authentication fallback

"Some more detail : suppose user is not able to login using 802.1x(credential) and his mac address present in controller local database then that user should get access. or vice versa."

 

If the user is not able to login using 802.1x, the user will not get on the network, regardless of the configuration..



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: