08-28-2013 02:40 AM - edited 08-28-2013 02:42 AM
MAC based authentication is working fine for wireless users. when the clients are connected to the desired SSID on which mac-aaa profile is set, it ask username & password for authentication. Working fine for wireless users whom mac address are configured in the internal database!!!!
Now... I have configured the same MAC-aaa profile to the controller port 1/4 and make the port untrusted and in the internal database i have added the mac address of client lan card. Now the client is wiredly connected to the controller port 1/4 and recveing a ip address of 192.168.3.0 network through DHCP enabled and authenticated and able to browse the websites.
Now i have deleted the mac address of client lan card from the internal database and apply/save config, but it still able to browse the internet. Whats the problem here ? hows it possible ?
Kindly help me in this regard.
Solved! Go to Solution.
08-28-2013 02:47 AM
because it's still got the auth role in the user-db
(via gui) fast method: find the mac in your clients - and do blacklist and then unblacklist - and then u will see that it will have untrusted (no internet) role.
2nd method: (via cli)
3600) #aaa user delete ?
A.B.C.D Match IP address
all Delete all users
ap-ip-addr Match AP IP address
ap-name Match AP name
mac Match MAC address
name Match user name
role Match role name
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************