In my observation, the internal server is not really designed for this flexibility, but more a stop-gap if you can't do something else. I even think it's smart what you found out with the delimiter, but it's even beyond what I would have come up with.
For these type of more complex scenarios, using an external authentication server would be preferred.
If using Central, you may have a look at Cloud Authentication and Policy which is part of Central; but as that is more device type dependent, I'm not sure if it will support many different SSIDs all with MAC authentication.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Feb 06, 2024 09:14 PM
From: harry fan
Subject: MAC Authentication question
Hi
Thanks for your reply, but currently we are not using ClearPass, so for now we can only configure mac authentication for "internalserver" on Aruba central. So it looks like impossible to do right?
Original Message:
Sent: Feb 06, 2024 03:05 AM
From: St�phane LALARDIE
Subject: MAC Authentication question
Hello,
I don't think internal DB is intended for that.
But it's incredibly easy with Clearpasss.
May be you should have a eye on it.
Regards,
------------------------------
StephaneLALARDIE
Original Message:
Sent: Feb 05, 2024 11:01 PM
From: harry fan
Subject: MAC Authentication question
Yes, I meant to have mac authentication, which should be called whitelisting, let it work in each SSID individually. As an example, 1111.1111.1111 is whitelisted accessible in SSID test1, but not in SSID test2's whitelisted.
Original Message:
Sent: Feb 05, 2024 05:49 AM
From: Craig Syme
Subject: MAC Authentication question
Are you referring to something along the lines as each SSID has their own unique db of MACs? For example the same MAC can existing in each db but depending on the SSID will grant different access?
Original Message:
Sent: Feb 04, 2024 12:07 AM
From: harry fan
Subject: MAC Authentication question
Hi,
I want to do mac address authentication policy on AP. It is currently configured on Aruba Central. I am also using the "internalserver" in Aruba Central. How can I make each SSID do mac address without affecting each other. I have tested it myself and found that I should be able to create "MAC Auth Delimiter Character". There are 5 types ": / , - %" or empty. But when filling in the username and password, the username prompt can only be ": - _" or empty. That is, it can only be used under 3 SSIDs without affecting each other. Can anyone help me this question? How can I use more than 3 SSIDs without affecting each other.