Controllerless Networks

I can see the Deny All role is being assigned to some clients. The authentication method configured is PSK + MAC Auth.

Are you doing MAC Auth against a Radius Server?
Which version of code?
Can you give an output of an AP on which the Client tries to authenticate - show ap debug auth-trace-buf mac <MAC-Address>

Original Message:
Sent: Jan 09, 2025 08:35 AM
From: jorenilson
Subject: "Denyall" role being assigned to new authenticated users

I can see the Deny All role is being assigned to some clients. The authentication method configured is PSK + MAC Auth.

There are a lot of questions to answer in order to understand it right.

MAC Auth used is for Mobile Devices or Laptops? If its mobile devices, have you considered Random MAC Feature on the mobile devices?

 

------------------------------
Shpat | ACEP | ACMP | ACCP | ACDP |
-Just an Aruba enthusiast and contributor by cases-
------------------------------

Original Message:
Sent: Jan 09, 2025 08:35 AM
From: jorenilson
Subject: "Denyall" role being assigned to new authenticated users

I can see the Deny All role is being assigned to some clients. The authentication method configured is PSK + MAC Auth.

Hi everyone,

This was solved. In the Mobility Controller portal -> Configuration -> Authentication -> L2 Authentication tab -> MAC Authentication -> IN-MY-SSID, the Option Delimiter was set to "None". After change to the correct format(Colon in my case), all devices passed to authenticate normally.

Thank you very much to everyone.

Original Message:
Sent: Jan 09, 2025 08:35 AM
From: jorenilson
Subject: "Denyall" role being assigned to new authenticated users

I can see the Deny All role is being assigned to some clients. The authentication method configured is PSK + MAC Auth.

Good to hear and Congrats in finding the solution!
Be sure to post your request in the correct group next time. You postet it in the "Controllerless" Group, but are using a Controller. This helps with giving more qualified answers.

Just a friendly hint for next time. Have a nice weekend - but I am sure you will have now :-)

Original Message:
Sent: Jan 10, 2025 07:29 AM
From: jorenilson
Subject: "Denyall" role being assigned to new authenticated users

Hi everyone,

This was solved. In the Mobility Controller portal -> Configuration -> Authentication -> L2 Authentication tab -> MAC Authentication -> IN-MY-SSID, the Option Delimiter was set to "None". After change to the correct format(Colon in my case), all devices passed to authenticate normally.

Thank you very much to everyone.

Original Message:
Sent: Jan 09, 2025 08:35 AM
From: jorenilson
Subject: "Denyall" role being assigned to new authenticated users

I can see the Deny All role is being assigned to some clients. The authentication method configured is PSK + MAC Auth.