Wired Intelligent Edge (Campus Switching and Routing)

Occasional Contributor II

problem with 802.1x authentication



I am having issues with 802.1x authentication, I have been using in our wireless environment for 5 years without issue with derived roles coming from an NPS server either logon_role, user_role or quarantine_role with different vlans associated to each.

I am now wanting to add the same capability to wired ports on our remote AP's

Problem is the workstation logs on after booting and is assigned the correct 802.1x derived role of logon_role and is placed in the correct vlan all visable and correct on NPS server etc, the machine then shows up as a client on the controller host\machinename.domain.

When the user then logs in they do not appear to be authenticated again. NPS show no logged change, controller doesn't see the new client.

This is using the same aaa profile that functions correctly in the wireless environment


Any help would be appreciated

Guru Elite

Re: problem with 802.1x authentication

Did you configure the clients for machine + user authentication? 

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor II

Re: problem with 802.1x authentication

Perfect thankyou, workstation was only configured for 802.1x machine authentication not machine or user authentication.


Another quick query I have two roles that are derived from the nps server after successful authentication has occured ie. logon_role and a user_role, if a domain based workstation fails then it is given the quarantine_role and appropriate vlan. However if a rouge client connects that is not setup for 802.1x or is not a member of the domain and cannot negotiate how is its role and vlan derived as at the moment it is being given the default machine role as above logon_role.

Thanks again

Search Airheads
Showing results for 
Search instead for 
Did you mean: