Security

Reply
Occasional Contributor II

Use cases for MAC auth with 802.1x

I think I got this in the right board.  If not please direct me to the correct board.

I am evaluating how our AAA profiels are set up on our current SSIDs.  I have inherited the system and haven't really changed much since I took over.  On our main secure SSID we have both MAC auth and 802.1x enabled.  Why is it that we would want both enabled?  I might be missing something but I can't see a good reason to have both enabled on the network.  We have a separate network that is MAC auth with a CP specifically for legacy devices.  What would the impact fo disabling MAC auth on our main network look like?

 

We are a higher ed institution running AOS 6.4.3.7 with about 1100 APs and 6 M3MK1 modules in 2 6000 chassis.

Guru Elite

Re: Use cases for MAC auth with 802.1x

In most cases, you would want to use a MAC address as an authorization source on an external policy server as part of a policy decision, not as part of authentication. 

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: