Community Home > Discuss > Technology > Security > mac-address as username & password

Security

Reply
bickyz
Occasional Contributor II
bickyz

mac-address as username & password

‎01-07-2016 05:23 AM

Hi, I have setup a Guest SSID to bypass the captive portal to list of mac addresses. I am following this tutorial http://ccie25938.blogspot.nl/2011/12/aruba-controller-authentication.html

I have added the few devices mac address to the Internal DB by typing the mac address on the username & password field with the role as authenticated.

 

The devices that matches the mac address now bypass the captive portal authentication which is working, however, if somebody knows the mac address from the bypass list, then they can type it on the username and password box to authenticate their device. Is this normal behaviour ?

 

Any help would be much appreciated, thank you.

Alert a Moderator
Message 1 of 2
2,478 Views
Reply
0 Kudos
Guru Elite Guru Elite
Guru Elite
cjoseph

Re: mac-address as username & password

‎01-07-2016 05:45 AM

Yes, because you are using the same database for both types of authentication.  You would need an external policy server like clearpass to deal with that issue, so that it can use a different database for user and mac authentication.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Alert a Moderator
Message 2 of 2
2,472 Views
Reply
0 Kudos
Search Airheads
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

© Copyright 2019 Hewlett Packard Enterprise Development LP
All Rights Reserved.
Powered by Lithium