Network Management

 View Only
Expand all | Collapse all

802.1x and Port-security Error

This thread has been viewed 17 times
  • 1.  802.1x and Port-security Error

    Posted Oct 31, 2024 03:14 AM

    Hello everyone!

    I work about ARP, DHCP and broadcast attacks on switches. I got a Linux PC and I tried to do attacks as I said.

    So, I did DHCP-Snooping, Arp-protect and port-security (for broadcast). Today, I need to run 802.1x commands but I get this error; 

    1: 802.1x-protected port can have only continuous or port-access learn mode.

    My 802.1x Commands; 

    aaa authentication port-access eap-radius
    aaa port-access authenticator 1-24
    aaa port-access authenticator 1-24 unauth-vid 29
    aaa port-access authenticator active
    aaa accounting network start-stop radius

    So, I need to do port-security and address-limit 20 but I can't.

    My port-sec commands; port-security 1-24 address-limit 20 learn-mode limited-continuous action send-disable

    How can I solve this ? I didn't found any solution on internet.



  • 2.  RE: 802.1x and Port-security Error

    Posted Nov 01, 2024 08:18 AM

    Some port-security and port-access features are not compatible. If you want to limit the number of clients with port-access (authentication), you can do that with the port-access command. If this is an AOS-Switch, that would be 'aaa port-access authenticator 1-24 client-limit 20' to limit to 20 authenticated clients per port. Quite sure that CX has a similar command.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------