Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

802.1x preauth ACL

Solved
IsaiahGrothe
Conversationalist
‎Feb 18 2021 6:36 AM
‎Feb 18 2021 6:36 AM

802.1x preauth ACL

Is it possible to configure a pre-authentication ACL for interfaces configured with wired 802.1x authentication?  I would like to have selective network access allowed in the state prior to successful authentication, and then overridden by a dACL granting full access if/when authentication passes.

0 Kudos
Subscribe
1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Feb 18 2021 10:47 AM
‎Feb 18 2021 10:47 AM

No.  You can just change the VLAN.

View solution in original post

Subscribe
3 Replies 3
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Feb 18 2021 10:47 AM
‎Feb 18 2021 10:47 AM

No.  You can just change the VLAN.

Subscribe
In response to PhilipDAth
IsaiahGrothe
Conversationalist
‎Feb 18 2021 2:48 PM
‎Feb 18 2021 2:48 PM

Okay.  Is any traffic at all (DHCP / DNS / PXE / etc.) allowed to pass on the switchport prior to authentication?  Or is an unauthenticated endpoint completely isolated?

0 Kudos
Subscribe
In response to IsaiahGrothe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Feb 18 2021 2:51 PM
‎Feb 18 2021 2:51 PM

Completely isolated unless you configure a guest VLAN and authentication does not occur.

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.