cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

Auto-sense Fabric Attach AP ports doing NEAP authentication on wifi clients

Auto-sense Fabric Attach AP ports doing NEAP authentication on wifi clients

James_A
Valued Contributor

I have an XIQ AP410C connected to a 5420 running Fabric Engine with auto-sense enabled. Fabric Attach is working fine, and the AP is also put onto the right VLAN and authenticated. The AP drops the clients onto the correct I-SID via FA, but the switch is also doing NEAP authentication (MAC auth) on the clients too. This causes duplicate entries in the end-system events, but more importantly it means I'm hitting the eapol multihost limits, which are 2 for mac-max, eap-mac-max and neap-mac-max by default. I found this post on MHSA for ERS and AP Aware for EXOS but there's nothing similar for for VOSS as far I know. I know I could turn off auto-sense or increase mac-max and neap-mac-max on the AP ports, but is there a way where I don't have to do manual config for AP ports?

5 REPLIES 5

Hi James,

You could try:

auto-sense fa wap-type1 eapol status authorized

in your auto-sense config. this configurations skips the EAPoL auth for the AP and disables the MHSA on the port with the AP.

But it will still allow the AP to sent EAPol auth to Control/RADIUS server.

Cheers

GTM-P2G8KFN