I have a Spare printer connected to LAN port and when i check the logs it is hitting EAP TLS service and not hitting MAC rule which is below EAP-TLS rule .
It is getting rejected
The authentication method in access tracker is showing blank
Error Code:201Error Category:Authentication failureError Message:User not found
RADIUS Test AD Wired - testad.test-intra.net: User not found.Cannot select appropriate authentication method
I am not sure why printer us hitting EAP service
Can you post summary screenshots of both services?
In general, the MAC authentication service should be above the 802.1X service for the same SSID.
The authentication method (MAC/802.1X) is evaluated after the service has been selected. If a request does not match the right service, either add modify the service condition rules of the service that should not match and/or move the rule that does not match before that wrongly matching rule.
Please note that how to order services and resolve conflicts like there is very fundamental ClearPass knowledge and doing the wrong thing can break complete networks. If you haven't engaged with a professional for design and advice, for a production environment you should do so.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.