Mac Auth Bypass
My Goal is @mac of supplicants allow Radius/Switch to set it in dynamic VLAN (not created on switch but on Radius). Nevertheless not sure if I can do it with my swith XS716T. I know that it is 802.1x compliant but not sure for a Mac Auth authent only. My Radius and Switch are configured according to documentation (802.1x enable and port authent to Auto or Mac Auth), Radius server identified in switch and up.
My equipment (the supplicant) is receiving the request from the switch but does not answer back with an EAP identity response. Therefore port goes to unauthorized state.
Indeed, my supplicant could not be configured for 802.1x (special requirement). Guest VLAN is not an option also. So I think Mac Auth ByPass (not sure for the ByPass part :-)) should solve this problem.
Can I do it with my XS716T?
Re: Mac Auth Bypass
Welcome to Community!
Suggest set 802.1x in different scenario:
1. If require user input 'username/password' with EAP/MD5.... , please set 'Port Control' type to 'Auto';
2. If reuire user authenticate by MAC address, please set 'Port Control' type to 'MAC Based';
3. If there is no need do authenticate on the port(like: uplink port), please set 'Port Control' type to 'Authorized';
4. If want forbidden one port for ever, please set 'Port Control' type to 'Unauthorized';
So in your case, you can set 'Port Control' type to 'MAC Based' for these special supplicant. Meanwhile, you have to add accout with the username/password is MAC of this supplicant.
Hope it helps!