ā04-20-2023 12:40 AM
I have an XIQ AP410C connected to a 5420 running Fabric Engine with auto-sense enabled. Fabric Attach is working fine, and the AP is also put onto the right VLAN and authenticated. The AP drops the clients onto the correct I-SID via FA, but the switch is also doing NEAP authentication (MAC auth) on the clients too. This causes duplicate entries in the end-system events, but more importantly it means I'm hitting the eapol multihost limits, which are 2 for mac-max, eap-mac-max and neap-mac-max by default. I found this post on MHSA for ERS and AP Aware for EXOS but there's nothing similar for for VOSS as far I know. I know I could turn off auto-sense or increase mac-max and neap-mac-max on the AP ports, but is there a way where I don't have to do manual config for AP ports?
ā04-24-2023 09:16 AM
Hi James,
You could try:
auto-sense fa wap-type1 eapol status authorized
in your auto-sense config. this configurations skips the EAPoL auth for the AP and disables the MHSA on the port with the AP.
But it will still allow the AP to sent EAPol auth to Control/RADIUS server.
Cheers