HPE Community
Aruba & ProVision-based
1752782 Members
5793 Online
108789 Solutions
New Discussion

Re: Port-access: authenticated client disconnects unauthenticated clients

 
rogierg
Occasional Contributor

‎10-19-2011 08:03 AM

‎10-19-2011 08:03 AM

Port-access: authenticated client disconnects unauthenticated clients

We are using port-access in some parts of our network to separate trusted and untrusted clients. Because we have desktop switches we have set the client-limit to more then one as follows:

 

aaa port-access authenticator 2

aaa port-access authenticator 2 unauth-vid 9

aaa port-access authenticator 2 client-limit 8

aaa port-access authenticator active

 

When we have several unauthenticated clients attached, all is well and they are correctly placed in VLAN 9. When multiple authenticated clients it also works fine. The problems start when we try to mix these clients, then all unauthenticated clients loose their connection when an authenticated client connects to the switch.

 

I don't understand why this is happening. From the documentation I get that the client-limit enables 802.1x and adds port based acl's.

 

Any help is greatly appreciated!

 

0 Kudos
1 REPLY 1
rogierg
Occasional Contributor

‎10-19-2011 08:08 AM

‎10-19-2011 08:08 AM

Re: Port-access: authenticated client disconnects unauthenticated clients

Hmmm... this may explain this problem further:

"If all clients use the same configuration this should not be a problem. But if the RADIUS server responds with different configurations for different clients, then the last client authenticated will effectively lock out any previously authenticated client." (From the configuring port-based access guide)
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.