Administrator Guide
Figure 148 Enabling the Enforce Machine Authentication Option
3. To enable the option, select the Enforce Machine Authentication check box.
Role Assignment with Machine Authentication Enabled
When you enable machine authentication, there are two additional roles you can define in the 802.1x
authentication profile:
l Machine authentication: default machine role
l Machine authentication: default user role
While you can select the same role for both options, you should define the roles according to the policies that
need to be enforced. Also, these machine authentication roles can be different from the 802.1x authentication
default role configured in the AAA profile.
With machine authentication enabled, the assigned role depends upon the success or failure of the machine
and user authentications. In certain cases, the role that is ultimately assigned to a client can also depend upon
attributes returned by the authentication server or server derivation rules configured on the Mobility Access
Switch.
Table 31 describes role assignment based on the results of the machine and user authentications.
Dell Networking W-ClearPass Deployment Guide Mobility Access Switch Configuration for 802.1X Authentication | 173