Security

Reply
Occasional Contributor II

Juniper CPPM MAC Auth

I'm having a strange issue, if anyone has seen it before before I start opening TAC cases

We have a mixed environment of Juniper and Cisco switches both authenticating against CPPM. If i add a device to the guest device Repository, and attempt to have it authenticate it while connected to a Juniper switch, it fails. Stating:

"MAC_AUTH: No password in request. Not attempting MAC authentication
EAP-MD5: Authentication failed"

The strange thing is, it works fine if I plug into a cisco switch. It also works fine on Juniper Switches, if I add the device to the endpoint database and remove it from the guest device database.

Anyone see anything similar? 

Thanks,
Chris

Guru Elite

Re: Juniper CPPM MAC Auth

Juniper switches do not send the MAC address as the password. See here: http://community.arubanetworks.com/t5/Security/Error-Code-209-No-password-in-request-MAC-authentication/m-p/152942

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor II

Re: Juniper CPPM MAC Auth

Thanks Tim,

I did see that post, but I thought since some requests were going through okay, it was just the guest devices that were failing, I just had a config error somewhere. I'll look into the diffrent auth source that was posted in that thread. 


Chris

Re: Juniper CPPM MAC Auth

Hi cappalli,

i have the same issue with aruba switch 2920 whith integration with clearpass for MAC authentication.

I am recieving below error:-

"MAC_AUTH: No password in request. Not attempting MAC authentication
Cannot select appropriate authentication method"

Do you have any idea how to make clearpass check only MAC address as username without checking password OR how can we do something in aruba switch ?

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: