Security

Who Me Too'd this topic

Frequent Contributor I

Protect switchport with attached Instant access point

Hi

 

I'm looking to protect  the ports on Aruba switches with dot1x / mac-auth via Clearpass. There are Instant access points which have untagged and tagged vlans (of course) to bridge the user traffic onto the network. This means that when enabeling dot1x/mac-auth on the port, all client traffic is also tagged via the wired policies (in stead of the wireless). Is there a way to handle this so the client traffic is allowed following the wireless policies, but the physical port is protected and only allows the physical connection as defined in the wired policies?

 

Rgds

Peter

ACMX, ACDX, ACCP, MASE
Who Me Too'd this topic