Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

Mac authentication

Julien Mioni
Occasional Advisor

Mac authentication

Hi,
is it possible to have mac authentication on clients while connecting 2524 switches on a core 5304xl ?
Client --->2524--->5304xl--->Radius

The aim is to assign dynamically VLANs to stations using mac auth (or Web auth). All ports of a 2524 belonging to the same VLAN.

Thanks
Julien

8 REPLIES
Rich S
Honored Contributor

Re: Mac authentication

I use the MAC on my wireless router. MAC is the only way to go. No need for WEP or WAP which will slow the rate of your connection down with encryption packets.

MAC auth is the way to go.


Rich
Julien Mioni
Occasional Advisor

Re: Mac authentication

Rich,

I'm not in a wireless but in a wired environment.

My question is if it's possible to use the mac auth capabilities of a 5304xl while stations a connected trough a 2524.

Julien
Rich S
Honored Contributor

Re: Mac authentication

Hi Julien,

I was using the wirless only as an example for MAC use.

Try calling HP directly.


Les Ligetfalvy
Esteemed Contributor

Re: Mac authentication

I'm not sure I follow...
If you are thinking that you can leverage the capability from the 5300, you are SOL. Since the 2524 uplinks to a single port, you would be moving that 5300 port to a specific VLAN and all 24 ports of the 2524 would move en masse.
Julien Mioni
Occasional Advisor

Re: Mac authentication

I've sent a mail to Procurve design center. I'm waiting for their response. I'll keep the forum informed.

Thanks anyway
Julien Mioni
Occasional Advisor

Re: Mac authentication

Les,

what do you mean by "SOL" ?

To be more explicit, do you think that the 5300 will see the MAC address of stations and not only which of the 2524 directly connected ?

In that case, would it be possible to use mac authentication feature of the 5300 ?
I agree with you, one port = one vlan on 5300.

Julien
Les Ligetfalvy
Esteemed Contributor

Re: Mac authentication

SOL = Short On Luck, or Sorta Outa Luck, or something like that.

You can do simple MAC address lockdown as each port can hold 32 MACs, but AFAIK, authentication with dynamic VLAN assignment would never fly.
Julien Mioni
Occasional Advisor

Re: Mac authentication

My problem is much more complicated... There're about 1200 PCs, with Employee Vlan, Student Vlan, Teachers Vlan and Guest Vlan. With some restrictions like : one PC must belong to one and only one vlan. But my client don't want to add an an implicit authentication (students are not in domain)

I'd rather use 802.1x... It's the only issue

thanks for your comments.