Frequent Contributor I

MAC base authentication is no working...

I am unable to authenticate my lap using mac base authenticationn. Although i have followed the proper steps as mentioned on here as well as on aruba Aruba 6.0 user guide.


Step 1: Default role on Wilress lan wizard is LOGON.


Step2: L2 athentication profile has been made . Snapshot 1

Delimeter none and upper case


step3: AAA profile with initial role LOGON, Default role GUEST and LOGON for 802.1x . Snapshot 22.jpg


If i enable  the L2 authentication Fail through, mac base authentication works, but as i uncheck it, mac base authen doesnt work


step4: internal DB i have provided the laptop MAC address but still it gives me error ( windows is unable to connect to Test-SSID) snasphot 3




Guru Elite

Re: MAC base authentication is no working...

The username AND the password needs to be the mac address in the internal database.


Allowing layer2 faithrough allows any other authentication like 802.1x or preshared key authentication to continue, even though mac address authentication fails.  If it works when you allow this, that means there is a problem with your mac authentication.

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Frequent Contributor I

Re: MAC base authentication is no working...

Dear concerned,


how can i resolved my mac base authentication problem... i have done all those steps which should be have to follow.


by Allowing L2 authentication fail thorugh , mac base authentication works, without it, it doesnt..


kindly help me in this regard.


Aruba Employee

Re: MAC base authentication is no working...

* Make sure the "Delimiter" knob in Mac-Authentication profile is correctly configured as per the user which you are using (localdb/external-server)

* when you reconnect the client , make sure the user-entry doesnt exist on the controller - if you want to enforce MAC-auth to happen again ,  else you need to enable "registration-role" knob in the user-role to enforce MAC-auth to happen again (where the significance of this knob is for other limited purpose)

Search Airheads
Showing results for 
Search instead for 
Did you mean: