Security

last person joined: 22 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

ClearPass MAC Authentication not working

This thread has been viewed 11 times

  • 1.  ClearPass MAC Authentication not working

    Posted Feb 27, 2019 01:47 AM

    Hi Team,

     

    I am a running a clear pass with AD Auth service and MAC auth Serivce.Dot1x AD auth is working fine.But Mac Auth is not working.While seeing in access tracker the mac request getting rejected in Dot1x AD service.Kindly provide your suggestions.

     

    The issue is Mac auth request is landing in dot1x AD auth services-Hiow to fix it



  • 2.  RE: ClearPass MAC Authentication not working

    Posted Feb 27, 2019 02:47 AM

    In the service rules for mac, do you have a line called:

     

    Connection  | Client-Mac-Address | EQUALS | %{Radius:IETF:User-Name}

     

    This should prevent dot1x clients to hit the mac-auth rule, you can then place the mac rule above dot1x.

     

    Or you can create a more specific condition in the dot1x service to exclude mac connections.



  • 3.  RE: ClearPass MAC Authentication not working
    Best Answer

    Posted Feb 27, 2019 08:36 AM
    In addition to the suggestion made by Klaring , you may also need to re-arrange the services so that the mac auth service is hit prior to the 802.1X service

    Sent from Mail for Windows 10


  • 4.  RE: ClearPass MAC Authentication not working

    Posted Mar 04, 2019 05:31 AM

    Hi ,

     

    I have rearranged the services,Still its mac auth is getting failed in Dot1x Services.Attached screenshot for your kind reference.



  • 5.  RE: ClearPass MAC Authentication not working

    Posted Mar 04, 2019 05:54 AM

    I see you build a mac rule for wireless, see line 2.

     

    Please change that to wired, or remove wireless