Re: 802.1x - Identity MAC caching
10-19-2017 04:26 AM
Please, forgive me if I insist - I have possibilities and I think you can help me understand. would such a scenario be possible?
1.service_MAC_Authentication (allow unknows) Endpoint Phone Number EQUAL Radius: IETF: Calling-Station-Id Enforcement Allow Access
2.service_802.1x_Autentication (LDAP users) user_name / pass <---> Active Directory Enforcement Allow Access post-functionss Connection Client-Mac-address == (update_Endpoint) ==> Endpoint Phone Number
* I do not know if a Wi-Fi client (802.1x) can first go through a MAC authentication service. And the bad ones. Could this be the first service?
1. service_802.1x_Autentication Endpoint Phone Number EQUAL Radius: IETF: Calling-Station-Id Enforcement Allow Access
* That same client - could move to the second service if it does not find the MAC?
* In the second service - Is it possible to update a record with a value? or add a new field in Endpoints "client-mac" for use in the first service?
Thank you very much for your help understanding the operation of the clearpass
10-19-2017 04:42 AM