HPE Community
Switches, Hubs, and Modems
1751940 Members
5057 Online
108783 Solutions
New Discussion юеВ

Mac authentication

 
Julien Mioni
Occasional Advisor

тАО09-05-2005 10:56 PM

тАО09-05-2005 10:56 PM

Mac authentication

Hi,
is it possible to have mac authentication on clients while connecting 2524 switches on a core 5304xl ?
Client --->2524--->5304xl--->Radius

The aim is to assign dynamically VLANs to stations using mac auth (or Web auth). All ports of a 2524 belonging to the same VLAN.

Thanks
Julien

0 Kudos
8 REPLIES 8
Rich S
Honored Contributor

тАО09-07-2005 02:48 AM

тАО09-07-2005 02:48 AM

Re: Mac authentication

I use the MAC on my wireless router. MAC is the only way to go. No need for WEP or WAP which will slow the rate of your connection down with encryption packets.

MAC auth is the way to go.


Rich
0 Kudos
Julien Mioni
Occasional Advisor

тАО09-07-2005 03:06 AM

тАО09-07-2005 03:06 AM

Re: Mac authentication

Rich,

I'm not in a wireless but in a wired environment.

My question is if it's possible to use the mac auth capabilities of a 5304xl while stations a connected trough a 2524.

Julien
0 Kudos
Rich S
Honored Contributor

тАО09-07-2005 03:25 AM

тАО09-07-2005 03:25 AM

Re: Mac authentication

Hi Julien,

I was using the wirless only as an example for MAC use.

Try calling HP directly.


0 Kudos
Les Ligetfalvy
Esteemed Contributor

тАО09-07-2005 03:46 AM

тАО09-07-2005 03:46 AM

Re: Mac authentication

I'm not sure I follow...
If you are thinking that you can leverage the capability from the 5300, you are SOL. Since the 2524 uplinks to a single port, you would be moving that 5300 port to a specific VLAN and all 24 ports of the 2524 would move en masse.
0 Kudos
Julien Mioni
Occasional Advisor

тАО09-07-2005 04:13 AM

тАО09-07-2005 04:13 AM

Re: Mac authentication

I've sent a mail to Procurve design center. I'm waiting for their response. I'll keep the forum informed.

Thanks anyway
0 Kudos
Julien Mioni
Occasional Advisor

тАО09-07-2005 06:23 AM

тАО09-07-2005 06:23 AM

Re: Mac authentication

Les,

what do you mean by "SOL" ?

To be more explicit, do you think that the 5300 will see the MAC address of stations and not only which of the 2524 directly connected ?

In that case, would it be possible to use mac authentication feature of the 5300 ?
I agree with you, one port = one vlan on 5300.

Julien
0 Kudos
Les Ligetfalvy
Esteemed Contributor

тАО09-07-2005 06:36 AM

тАО09-07-2005 06:36 AM

Re: Mac authentication

SOL = Short On Luck, or Sorta Outa Luck, or something like that.

You can do simple MAC address lockdown as each port can hold 32 MACs, but AFAIK, authentication with dynamic VLAN assignment would never fly.
0 Kudos
Julien Mioni
Occasional Advisor

тАО09-07-2005 06:54 AM

тАО09-07-2005 06:54 AM

Re: Mac authentication

My problem is much more complicated... There're about 1200 PCs, with Employee Vlan, Student Vlan, Teachers Vlan and Guest Vlan. With some restrictions like : one PC must belong to one and only one vlan. But my client don't want to add an an implicit authentication (students are not in domain)

I'd rather use 802.1x... It's the only issue

thanks for your comments.

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.