Some port-security and port-access features are not compatible. If you want to limit the number of clients with port-access (authentication), you can do that with the port-access command. If this is an AOS-Switch, that would be 'aaa port-access authenticator 1-24 client-limit 20' to limit to 20 authenticated clients per port. Quite sure that CX has a similar command.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Oct 31, 2024 03:13 AM
From: ralisevim
Subject: 802.1x and Port-security Error
Hello everyone!
I work about ARP, DHCP and broadcast attacks on switches. I got a Linux PC and I tried to do attacks as I said.
So, I did DHCP-Snooping, Arp-protect and port-security (for broadcast). Today, I need to run 802.1x commands but I get this error;
1: 802.1x-protected port can have only continuous or port-access learn mode.
My 802.1x Commands;
aaa authentication port-access eap-radius
aaa port-access authenticator 1-24
aaa port-access authenticator 1-24 unauth-vid 29
aaa port-access authenticator active
aaa accounting network start-stop radius
So, I need to do port-security and address-limit 20 but I can't.
My port-sec commands; port-security 1-24 address-limit 20 learn-mode limited-continuous action send-disable
How can I solve this ? I didn't found any solution on internet.