My scenario is SRX210 act as Infranet Enforcer (L3),no switche for 802.1x authenticate(L2).Now the end user could be authenticated successfully through the IC login page(Agentless),and after authenticated they could access the resources behind the firewall SRX210.But when I use the OAC agent to request authentication.it dosen't work.and says "open", and the icon on the taskbar is red. Now I'm confused,I want know if the OAC must be worked with 802.1x ? if not,what else I should do to let the OAC authenticated successfully from the IC4500.
You need to configure the IC for an AGENT configuration, since the OAC is the agent. You don't need an 802.1x switch. So you will be doing L3 authentication. In the OAC configure an Infranet Controller profile and point it to the correct path to the IC. Should work.