can someone try to explain what is the expected outcome of the following scenario :
a configured switch with user-roles disabled and all interfaces are connected and working.
what would happen if I will enable the user roles on the switch?
will it cause the endpoints to reconnect?
what would happen on the first connection attempt?
would the endpoints get an ip ?
Without knowing the config of the switch, this is hard to say.
If you just enable user roles globally, nothing will happen on the ports, because you need to enable authentication on a per-port basis as well.
So enabling user roles globally will not change any port, but if you then enable dot1x or mac auth on a specific port, I#m not really sure if the user will disconnect or not. I would assume the user will disconnect to do authentication.
Afterward, every user needs to authenticate against the radius server and will get access to the network or not.
you should have a look into the security guide of your switch for more details.
thank you for your explicit answer.
I did some tests on my lab to test the results.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.