Wireless Access

last person joined: 21 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

802.1x or MAC authentication at same SSID

This thread has been viewed 3 times

  • 1.  802.1x or MAC authentication at same SSID

    Posted Aug 12, 2015 10:54 AM

    Is it possible to configure one SSID with two type of authentication? 

    We need 802.1x (EAP-TLS) or MAC authentication at the same SSID, is it possible to configure at 3400 controller without ClearPass?



  • 2.  RE: 802.1x or MAC authentication at same SSID
    Best Answer

    EMPLOYEE
    Posted Aug 12, 2015 11:08 AM

    If you configure an SSID with 802.1x, it cannot support another device that is not configured for 802.1x. 



  • 3.  RE: 802.1x or MAC authentication at same SSID

    Posted Aug 12, 2015 02:26 PM

    Hi,

     

    If you enable both MAC auth and dot1x on the same SSID, it works as follows,

    1. always MAC auth first then dot1x

    2. If MAC auth success and dot1x failed, user will get MAC default role

    3. If MAC auth success and dot1x success, user will get dot1x default role ( or SDR/VSA role)

     

    If you are looking for something similar, you can enable both on the same SSID.

     

    Please feel free for any further help on this.



  • 4.  RE: 802.1x or MAC authentication at same SSID

    MVP
    Posted Aug 13, 2015 09:29 AM

    The kicker: the dot1x failing here means wrong password or something similar. Not a non-supplicant (dot1x) client!  Right?

    So not a solution for zemarcios situation.