Extreme Control always hits default catch-all rule

  • 12 March 2019
  • 0 replies

We have setup Extreme Control using both 802.1X authentication and MAC authentication. Everything is working fine, however our 802.1X authentications also hit the default catch-all rule on MAC authentication. This is to be expected, that's why we created a rule in front of it configured for only MAC authentication. Still the default catch-all rule is being hit first, then the rule we created and eventually the 802.1X rule. However because our defaul catch-all rule points to a different VLAN with a different subnet the end-system show the IP from the catch-all network and not the IP from the 802.1X VLAN (which it is in and functioning).

How can we solve this issue that the correct IP is displayed? We don't want to disable MAC authentication because this will limit the NAC functionality, we want to be able to plugin any device and perform either 802.1X, MAC-auth or a combination based on the rules. Not based uppon the port supports one of the 2.

Anybody got an idea?

0 replies

Be the first to reply!