Security

last person joined: 20 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

MAC Auth Login Status REJECT

This thread has been viewed 4 times

  • 1.  MAC Auth Login Status REJECT

    Posted Aug 25, 2017 11:50 AM

    I'm hoping to have all devices that fail mac authentication be "accepted" from a login status perspective so I can extend CoA rights to our help desk so after the device is registered it can have it's session terminated. 

     

    I made the default Profile "Allow Access Profile" and I created a condition "(Authorization:[Guest Device Repository]:AccountStatus  NOT_EXISTS   )". But authentication still fails.

     

    I didn't know if I could add a secondary authenitcation source or if there was a way to get creative and say when username = mac then auth but hit a different enforcement policy...

     

    Is this possible to do?

     

    Thanks,

     

    Rosie



  • 2.  RE: MAC Auth Login Status REJECT
    Best Answer

    EMPLOYEE
    Posted Aug 25, 2017 12:06 PM

    You need to use Allow All MAC Auth and add a fail through rule that returns your captive portal role.



  • 3.  RE: MAC Auth Login Status REJECT

    Posted Aug 25, 2017 12:14 PM

    Thanks Tim! I was on the right path. 

     



  • 4.  RE: MAC Auth Login Status REJECT

    Posted Jun 15, 2019 04:34 AM

    Hi cappalli, what is difference between allow all mac and mac auth ?



  • 5.  RE: MAC Auth Login Status REJECT

    EMPLOYEE