Hi All,
I tested some scenario about 802.1x with EAP-TLS authentication on ArubaOS (Aruba 2530-8G) switch.
In the network topology, there is one ArubaOS switch, one ClearPass, one unmanaged switch (or IP phone), and two clients. One client has valid certificate and the other has not.
I connected an unmanaged switch to the switch port and I connected the notebook to the unmanaged switch. On the ArubaOS switch there is a user-based 802.1x configuration.
I successfully authenticated with my certificate and got the proper network access. But if I clone the authenticated notebook wired MAC address to the other notebook and I unplugged the cable from authenticated notebook and plugged to the other notebook where is the mac address is the same as the notebook of valid certificate I have access to the network without any certificate and authentication.
I know that the switch create each session for each device based on device MAC address.
Is there any solution about this?
Thank, David