Security

Reply
Highlighted
Occasional Contributor II

Auth priority vs auth order

Hi,

I am trying to figure out the difference while configuring Cisco switch between the command
Authentication priority dot1x mab

And

Authentication order dot1x mab

Also what does fallback actually means ?

Does it mean that when dot1x fail then next try for mab ?

Accepted Solutions
Moderator

Re: Auth priority vs auth order

You should always define both. Generally you want dot1X to fire first and dot1X to take priority.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.

View solution in original post


All Replies
Highlighted
Moderator

Re: Auth priority vs auth order

Auth order is the order in which they fire.

Auth priority means which result will take precedence for an accept.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Highlighted
Occasional Contributor II

Re: Auth priority vs auth order

Ok thanks Tim

Do we need to configure both commands ?

My need is to always give priority to dot1x and then mab on per port basis

What if I don't define order command ? Is there any global way to always make an order dot1x and then mab ?
Moderator

Re: Auth priority vs auth order

You should always define both. Generally you want dot1X to fire first and dot1X to take priority.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.

View solution in original post

Highlighted
Occasional Contributor II

Re: Auth priority vs auth order

Ok thanks Tim as always
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: