Hi,
I've setupped MAC authentication and radius authentication on same port for 2530-switch.
Computers has machine authentication that works ok, but when laptop is connected to port > it first tries with MAC auth that fails and after that gets connected with radius. How to get rid of this behaviour, because this generates reject logs and mails?
- access tracker logs, first reject for MAC and the Accept to machine certificate
- Wired service is above MAC, so I suppose it should be processed first?
snap from switch conf:
aaa authentication port-access eap-radius
aaa port-access authenticator 1-36
aaa port-access authenticator 1 auth-vid 1
aaa port-access authenticator 1 client-limit 10
aaa port-access mac-based 1-36
aaa port-access mac-based 1 addr-limit 10
aaa port-access mac-based 1 mac-pin
aaa port-access mac-based 1 auth-vid 1
br, Ollie