Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

IAP Mac auth and 802.1x

This thread has been viewed 3 times

  • 1.  IAP Mac auth and 802.1x

    Posted Dec 01, 2014 07:19 PM

    Gang, here is my senario. I have IAPs and want to use Mac auth before 802.1x auth (NPS). I need to know step by step the settings that need to be implemented in NPS to get this to work? I have enabled mac auth in the SSID, recommendations on the delimiter setting is welcome?

     

    I've read pieces of blog posts stating mac addresses need to reside in NPS or AD. None of those suggestings work. thxs



  • 2.  RE: IAP Mac auth and 802.1x

    EMPLOYEE
    Posted Dec 01, 2014 07:20 PM

    You can use MAC-authentication -OR- 802.1X with MAC authorization.

     

    You need a policy engine like ClearPass to do the latter.



  • 3.  RE: IAP Mac auth and 802.1x

    Posted Dec 01, 2014 07:42 PM
    Isn't this article doing what I'm trying to achieve?: https://arubanetworkskb.secure.force.com/pkb/articles/HowTo/R-399

    Problem is, this article is vague regarding the actual settings in NPS. Ideas?

    thxs


  • 4.  RE: IAP Mac auth and 802.1x
    Best Answer

    EMPLOYEE
    Posted Dec 01, 2014 07:47 PM

    This will not scale. It's telling you to write custom connection policies for each username/mac-address combination.