I think I understand your answer, but so I understand 100% let me ask a different way.
Assuming I use "l2-auth-fail-through" on a single SSID, is it possible to have the following two users associated? One has authenticated with MAC-Auth only, the other has authenticated with WPA2-PSK only.
I don't need both authentication methods to ever succeed together (for a single device), I'm simply seeing if I can do one or the other on a single SSID.
Thanks again