- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Aruba & ProVision-based
- >
- HPE ArubaOS 3810m - Inaccessible Authentication By...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-02-2017 01:34 PM
05-02-2017 01:34 PM
HPE ArubaOS 3810m - Inaccessible Authentication Bypass ???
Quickly glanced at that ArubaOS & Cisco IOS CLI Referenced Guide & I've read through both of the Switch Management and Configuration Guide & Switch Access Security Guide (KA_KB.16.03).
I have yet to come across anything that would re-create Cisco's Inaccessible Authentication Bypass config to put a port in a VLAN in the event that the RADIUS server is unresponsive.
Access Security Guide does reference "No server(s) responding." messages, but it doesn't provide any more information regarding what alternative configurations are available.
The Access Security Guide does reference 802.1X Open VLAN mode & both an Authorized-Client VLAN & an Unauthorized-Client VLAN, but no explicit mention of what happens when the RADIUS server is unrechable.
As such, are we to assume that in the event that the RADIUS Authentication times out because the server is unresponsive, the authentication attempt will be treated as a REJECT & the client will land in the Unauthorized-Client VLAN, if configured?
It would be really nice to be able to use a different VLANs for failed Authentication attempts (due to client configuration errors - bad username or passwords) and those that fail because they can't be serviced (Authentication Service Unavailable).
TIA,
--Raf