Security

last person joined: an hour ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

Printer not hitting MAC rule

  • 1.  Printer not hitting MAC rule

    Posted Jun 12, 2019 02:25 AM

    Hi ,

    I have a Spare printer connected to LAN port and when i check the logs it is hitting EAP TLS service and not hitting MAC rule which is below EAP-TLS rule .

    It is getting rejected

     

    The authentication method in access tracker is showing blank

    Error Code:
    201
    Error Category:
    Authentication failure
    Error Message:
    User not found

    RADIUS Test AD Wired - testad.test-intra.net: User not found.
    Cannot select appropriate authentication method

     

    I am not sure why printer us hitting EAP service



  • 2.  RE: Printer not hitting MAC rule

    Posted Jun 13, 2019 04:49 PM

    Can you post summary screenshots of both services?



  • 3.  RE: Printer not hitting MAC rule

    Posted Jun 17, 2019 07:58 AM

    In general, the MAC authentication service should be above the 802.1X service for the same SSID.

     

    The authentication method (MAC/802.1X) is evaluated after the service has been selected. If a request does not match the right service, either add modify the service condition rules of the service that should not match and/or move the rule that does not match before that wrongly matching rule.

     

    Please note that how to order services and resolve conflicts like there is very fundamental ClearPass knowledge and doing the wrong thing can break complete networks. If you haven't engaged with a professional for design and advice, for a production environment you should do so.