Log in to ask questions, share your expertise, or stay connected to content. Don’t have a login? Join now.
If I have 1 SSID, at this SSID, Can I do this as below?
1) 802.1x + Permitted MAC Address = Return Role1
2) If failed from 1) (authenticate with 802.1x only) = Return Role2
Authentication Server = Microsoft radius (NPS)
Yes, you can.
http://www.arubanetworks.com/techdocs/ArubaOS_6.4.4.x_WebHelp/Web_Help_Index.htm#ArubaFrameStyles/MAC_Authentication/Configuring_MAC_Based_Au.htm#mac_authentication_3812164677_1037542
If you have a mac authentication profile configured in the AAA profile, mac authentication occurs first before 802.1x authentication. If you have l2-authentication-fail-through disabled in the AAA profile (default), the client will be rejected immediately if mac authentication fails. If you have l2-authentication-fail-through enabled, the client will continue onto 802.1x authentication even if mac authentication fails. http://www.arubanetworks.com/techdocs/ArubaOS_6.4.4.x_WebHelp/Web_Help_Index.htm#ArubaFrameStyles/1CommandList/aaa_profile.htm?Highlight=l2-auth-fail-through
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.