cancel
Showing results for 
Search instead for 
Did you mean: 

UAC - 802.1x in Monitoring Only Mode

Highlighted
Occasional Contributor

UAC - 802.1x in Monitoring Only Mode

Is it possible to have an 802.1x setup with a UAC VM that allows people onto the network even if they fail. For example:

if USER = valid then allow
if USER = invalid then allow

if USER = not exists then allow

All we want is for the UAC box to capture who fails and who succeeds at the logins. Is that possible. I already tried server-fail permit but that only works for RADIUS timeouts.

Thank you in advance,

Garett

1 REPLY 1
Highlighted
Moderator

Re: UAC - 802.1x in Monitoring Only Mode

Garett, one other option on the switch side is to look at the SERVER-REJECT parameter. Most Cisco switches and Juniper EX switches support this. If the RADIUS server sends back a reject, the switch can then put a user on a specific VLAN.

The IC/MAG devices with UAC do not support allowing a user on if they fail authentication.

Thanks

Craig