Wednesday, January 20, 2021

802.1X and Web-Auth Precedence - Same Port

Hey guys,

Wondering if anyone has experience with this.

I am in the process of setting up 802.1X authentication on the LAN for one of our clients. The edge switches they are using are Aruba 2930Fs and the NAC product they are using is called ExtremeNetworks A3. Unfortunately, I am not familiar with ExtremeNetworks, so my own naivety with that could be part of the issue.

Basically, I have got 802.1X working with certificates on the machines and with user credentials based on AD security groups - pretty run-of-the-mill stuff. I also have web-auth working using the native Aruba default page.

What I would like to do is set it up so that users can authenticate with the cert or, if they don't have the cert, authenticate via web-auth. This means that I want to have 802.1X and Web-Auth both enabled on all access ports.

I have managed to get both 802.1X and web-auth enabled on the ports, but when I test, it only seems to try and authenticate with one OR the other (depending on how the adapter is configured). I would like it to try the cert first and then, failing that, try web-auth.

I have seen guides using Captive Web Portal with Aruba ClearPass for this scenario, but thus far I have not been able to get Captive Portal working in A3.

Thank you for any advice.


