Wireless Access

Frequent Contributor II

mac authentication on wired port of a rap 203R



i'm trying to configure mac authentication on a wired port of a 203R.


I created : 


aaa authentication mac "test-mac-authentication-rap-print"
delimiter colon
max-authentication-failures 2

aaa profile "test-mac-auth-rap-print-aaa_prof"
authentication-mac "test-mac-authentication-rap-print"
mac-default-role "authenticated"


and assigned this to port 1 of the config.


But still i'm able to access the vlan without entering the mac in the controller's local user db.


Layer 2 passthrough is disabled.


Is mac authentication not possible on a wired port?  Or am i missing something else?



Guru Elite

Re: mac authentication on wired port of a rap 203R

Make the "initial role" in your AAA profile something that denies all traffic.

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Search Airheads
Showing results for 
Search instead for 
Did you mean: