Wireless Access

Hi Guys,

Good evening,

I have a small question.

UDR + 802.1x on wired port (RAP 155) *AOS 6.4.3.4*

-------------------------------------------------------------------

I created a wired profile that doing 802.1x and did the port untrusted - the auth is working as needed :)

I also created a UDR list of printer/switch the will be connected to the RAP155 802.1x and gave them a rule.

As far as i aware the UDR list shouldn't work because there is 802.1x profile on that port..that devices must passed even if they are in the UDR list.

Am i wrong? Becuase i notice the printer/switch are getting the role that i gave them on the UDR list.

I also tested it and devices that arent doing 802.1x and not in the UDR getting the deny role.

 

Can anyone please solve this for me once and for all. DOES UDR applying and worth to use when doing wired/wirelss 802.1x?

 

Thanks in advance,

 

Me

In a word, yes it should work.  To find out why a user got a role or VLAN, try this:

show user-table ip <ip address of user> | include Derivation

But dont 802.1x should takeover the UDR ROLE i gave the use? it's not 802.1x auth first and then UDR? (I was sure it like that until i notice it taking the UDR role and allowing device without 802.1x to connect to the port and auth.

UDR is higher priority. Please see here http://community.arubanetworks.com/t5/Controller-Based-WLANs/Priority-of-UDR-User-Derivation-Rule-rules/ta-p/178098