Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
766
Views
2
Helpful
2
Replies

Authentication Open for MAB

Go to solution
rezaalikhani
VIP
VIP

‎05-10-2023 09:31 AM

Hi all;

Does "authentication open" work for MAB, too?

Thanks

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Flavio Miranda
VIP
VIP

‎05-10-2023 09:43 AM

Hello

 It does in conjunction with MAB  and dot1x.

By definition:

"Open authentication is enabled by entering the authentication open command after host mode configuration,
and acts as an extension to the configured host mode. For example, if open authentication is enabled with
single-host mode, then the port will allow only one MAC address. When preauthentication open access is
enabled, initial traffic on the port is restricted only by whatever other access restriction, independent of 802.1X,
is configured on the port. If no access restriction other than 802.1X is configured on the port, then a client
device will have full access on the configured VLAN."

  So, the implementation would be:

authentication host-mode multi-auth

authentication open

authentication order mab dot1x

authentication priority dot1x mab

authentication port-control auto

 

View solution in original post

2 Replies 2

Go to solution
Rob Ingram
VIP
VIP

‎05-10-2023 09:35 AM

@rezaalikhani yes, MAB and 802.1X

Go to solution
Flavio Miranda
VIP
VIP

‎05-10-2023 09:43 AM

Hello

 It does in conjunction with MAB  and dot1x.

By definition:

"Open authentication is enabled by entering the authentication open command after host mode configuration,
and acts as an extension to the configured host mode. For example, if open authentication is enabled with
single-host mode, then the port will allow only one MAC address. When preauthentication open access is
enabled, initial traffic on the port is restricted only by whatever other access restriction, independent of 802.1X,
is configured on the port. If no access restriction other than 802.1X is configured on the port, then a client
device will have full access on the configured VLAN."

  So, the implementation would be:

authentication host-mode multi-auth

authentication open

authentication order mab dot1x

authentication priority dot1x mab

authentication port-control auto

 

Customers Also Viewed These Support Documents