HPE Community
LAN Routing
1849167 Members
8616 Online
104041 Solutions
New Discussion

Dual 802.1X and MAC-Based Port-Access on J9086A / #R.11.122

 
SOLVED
Go to solution
MaxJung
Regular Visitor

‎09-25-2020 08:45 AM

‎09-25-2020 08:45 AM

Dual 802.1X and MAC-Based Port-Access on J9086A / #R.11.122

Hello,

I need to use both 802.1X and Mac-based authentication on my J9086A with firmware #R.11.122. The 802.1X part is working but I cant get the switch to do mac-based authentication too. On my newer 2530-8G (J9774A) this is no problem, on the 2610-24/12pwr I just can't use "aaa port-access 1 auth-order authenticator mac-based". Do you know how this works with the older firmware?

 

Regards,

Max Jung

0 Kudos
1 REPLY 1
Emil_G
HPE Pro

‎09-27-2020 11:58 PM

‎09-27-2020 11:58 PM

Solution

Re: Dual 802.1X and MAC-Based Port-Access on J9086A / #R.11.122

Hello @MaxJung,

Please if not tested yet, make sure that you have configured 802.1x authentication in user mode. This is done by specifying a client-limit for 802.1x authentication clients.

Switch(config)#aaa port-access authenticator <port id list> client-limit <1-32>

It should be specified even if the limit is 1. Without a client limit the port operates in port based mode which means a successful authentication opens the port for all users and failed attempt closes it for all users.

If it is still not working please provide sanitized excerpts from your running configuration, showing how exactly an example port is configured. For example show running-config interface <port id>.

I am an HPE employee

Accept or Kudo


The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.