Wired Intelligent Edge

last person joined: 6 hours ago 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

LaserJet disappearing

This thread has been viewed 4 times

  • 1.  LaserJet disappearing

    Posted Nov 01, 2018 10:40 AM

    We are in the process of rolling out our new HP 2930F switches (ver WC.16.06.0008) and I've encountered an issue with an HP LaserJet in our test building. The device always worked fine on our Aruba MAS switch. I'm using MAC auth with CPPM. It seems to auth fine and is usable. However, after some time (not quite sure how long) the device "disappears" and is no longer available on the network. If I unplug the network cable and replug it, it will re-auth and then is available.

     

    I have a TAC case open but thought I would throw it to the community in case it was something obvious.



  • 2.  RE: LaserJet disappearing

    EMPLOYEE
    Posted Nov 01, 2018 11:54 AM

    This may be caused by the printer going to "sleep".  You may want to configure MAC Pinning on the port to disable the logoff period and maintain authentication.

     

    You can find more info on it here in the Access Security Guide:

     

    http://h22208.www2.hpe.com/eginfolib/Aruba/16.07/5200-5361/index.html#GUID-1AD22D7B-CAB4-4EED-9178-FA39E1579819.html

     

    Justin

     

     



  • 3.  RE: LaserJet disappearing

    Posted Nov 01, 2018 12:25 PM

    I currently have mac auth and 802.1x enabled on all ports.

     

    aaa port-access authenticator 1/1-1/48
aaa port-access mac-based 1/1-1/48

    Is there any issue with enabling mac-pin for all ports?

     

    aaa port-access mac-based 1/1-1/48 mac-pin


  • 4.  RE: LaserJet disappearing

    EMPLOYEE
    Posted Nov 01, 2018 12:52 PM

    Hi Mike, 

     

    The only potential issue is that all ports you set mac pinning on will pin that mac address to that port.  If those devices are pretty static and don't move around much, like printers, phones, etc. that may be okay.

     

    Justin



  • 5.  RE: LaserJet disappearing

    Posted Nov 01, 2018 01:00 PM

    Is that only clinets that MAC auth on that port? Also, can you explain a MAC address being "pinned to a port"? What if I move it to another port or plug something else into that port?



  • 6.  RE: LaserJet disappearing

    EMPLOYEE
    Posted Nov 01, 2018 01:42 PM

    When you enable mac pinning on the port, mac authenticated clients are "pinned" in the switch authentication table for that port and will maintain their authentication until either the port flaps/bounces, or the switch reboots.

     

    Since some devices like printers or medical devices go into a "sleep" mode after a period of time or do not send out any kind of "keep alive" packets, this will allow those device to stay authenticated when "awoken".  Basically the logoff period is disable on the port for that specific client.