UAC - 802.1x in Monitoring Only Mode

Contributor (11)
Apr 10, 2015 7:01pm

Is it possible to have an 802.1x setup with a UAC VM that allows people onto the network even if they fail? For example:

if USER = valid then allow
if USER = invalid then allow

if USER = not exists then allow

All we want is for the UAC box to capture who fails and who succeeds at the logins. Is that possible? I already tried server-fail permit, but that only works for RADIUS timeouts.

Thank you in advance,


Contributor (1)
Aug 2, 2015 9:20am
Garett, one other option on the switch side is to look at the SERVER-REJECT parameter. Most Cisco switches and Juniper EX switches support this. If the RADIUS server sends back a reject, the switch can then put a user on a specific VLAN.

The IC/MAG devices with UAC do not support allowing a user on if they fail authentication.
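
The difference between the two switch-side settings discussed in this thread, shown as an added Junos (EX) configuration sketch that is not taken from either post. The interface name, VLAN name and VLAN ID are constructed placeholders, and the RADIUS/access-profile configuration is assumed to exist already:

```junos
# Constructed example values: ge-0/0/1.0, VLAN "monitor-only" (ID 999).

# VLAN that rejected users are placed into. For a monitoring-only rollout
# this VLAN would carry the same access as the normal user VLAN, so a
# reject is recorded on the RADIUS side but does not cut the user off.
set vlans monitor-only vlan-id 999

# 802.1X on the access port.
set protocols dot1x authenticator interface ge-0/0/1.0 supplicant single

# server-fail: applies only when the RADIUS server is unreachable or
# times out. It does not trigger on an Access-Reject, which is why it
# did not cover failed logins in the original question.
set protocols dot1x authenticator interface ge-0/0/1.0 server-fail permit

# server-reject-vlan: applies when the RADIUS server answers with an
# Access-Reject. The port is then placed into the named VLAN instead of
# staying unauthorized.
set protocols dot1x authenticator interface ge-0/0/1.0 server-reject-vlan monitor-only
```

With both settings in place, the RADIUS server still records each accept and reject, while the switch decides what a rejected port can reach.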