Hi, We acheived to setup 802.1x+MAB on HP 2610 HP switches just like with Cisco. As this is nearly undocumented, I want to share the information, as it may be interesting to have it on official PF devices config guide.
The trick is to use aaa port-access authenticator x client-limit 1, which allows multiple auth modes for a single client. With this setup, 802.1x auth is tried first, and if it fails, mac auth is performed. radius-server host a.b.c.d acct-port 1813 key "verysecret" snmp-server host a.b.c.d community "public" informs trap-level not-info no snmp-server enable traps link-change x aaa server-group radius "packetfence" host a.b.c.d aaa authentication port-access eap-radius server-group "packetfence" aaa authentication mac-based chap-radius server-group "packetfence" port-security x learn-mode port-access action send-alarm aaa port-access authenticator x aaa port-access authenticator x client-limit 1 aaa port-access authenticator active aaa port-access mac-based x aaa port-access mac-based x addr-moves aaa port-access mac-based x reauth-period 14400 aaa port-access x controlled-direction in The last line is supposed to allow WOL magic packets to be sent to the port. Unfortunately it doesn't seems to work, I have to investigate this issue, as I'm not sure that Magic packets are reaching the switch if there is no untagged vlan matching WOL broadcast address configured on it. Regards, Denis Bonnenfant Lycée Diderot Paris ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
