Wireless Access

last person joined: 19 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

mac address authentication problems

This thread has been viewed 7 times

  • 1.  mac address authentication problems

    Posted Jun 05, 2013 10:07 AM

    I have an Aruba 650 controller with version 6.2.1.1.
    I need to set up two wireless networks, one with mac address authentication only and the other with mac address authentication and captive portal.
    I'm not getting the mac address is authenticated. Can you help me?



  • 2.  RE: mac address authentication problems

    EMPLOYEE
    Posted Jun 05, 2013 10:13 AM

    What have you configured already and what is not working?  We do not have enough information to help you.



  • 3.  RE: mac address authentication problems

    Posted Jun 05, 2013 10:21 AM
      |   view attached

    I have both configured SSID, and another one in Open Open with Captive Portal.
    Then I followed the manual transmission attached.

    Best regards,

    ccarrico

    Attachment(s)

    zip
    MAC Address Authentication.zip   1.05 MB 1 version


  • 4.  RE: mac address authentication problems

    EMPLOYEE
    Posted Jun 05, 2013 10:27 AM

    turn on user debugging:

     

    config t
logging level debug user

     

     

    Disable the client's wireless card then delete the client from the user table:

     

    aaa user delete mac <mac address of user>

     Enable the user's wireless card to attach it to the network, then display the logs for that user to determine what is happening:'

     

    show log user 50

     



  • 5.  RE: mac address authentication problems

    Posted Jun 05, 2013 11:33 AM
      |   view attached

    I did the procedure you asked me, send attached result (log)

    Best regards,

    ccarrico    .

    Attachment(s)

    txt
    Log.txt   12 KB 1 version


  • 6.  RE: mac address authentication problems

    EMPLOYEE
    Posted Jun 05, 2013 11:41 AM

    it says "

    Jun 5 16:25:09 :522190:  <DBUG> |authmgr|  MAC=6c:e9:07:dd:c3:3a IP=0.0.0.0: MAC auth fail: entry-type=L2, bssid=6c:f3:7f:49:84:30.

     

    Is that the device?  What format are you using for the mac addresses?  Is that format in the mac authentication profile?  Did you enter the mac address in the internal database with username and password in the same format?

     

     



  • 7.  RE: mac address authentication problems

    Posted Jun 05, 2013 11:44 AM

    Right now my problem is that the user exists or not created, it always has access to the internet

    Best regards,

    ccarrico



  • 8.  RE: mac address authentication problems

    EMPLOYEE
    Posted Jun 05, 2013 11:47 AM

     

     

    A user will ALWAYS get the initial role of the AAA profile that he is attached to.  If you make this a "deny all" profile that has no acls, users that do NOT pass mac authentication will end up in this role.  Users that do pass, will be assigned the mac authentication user role, OR the role assigned to their mac address in the local user database.

     

    It will be quite painful to expose all of the options available to you on the forum here, so I suggest you open a TAC case if you want quick, concise support.