Use case: Mixed network environment. Some campuses use Cisco, some Arista switches. Some devices attached to mini-switches, attached to either an Arista or Cisco access port.
We want to see the result of a RADIUS authentication attempt, but we do not want to block based on that result. In a cisco environment, devices connected to a mini switch can be authorized on a per device basis, and using the ‘authentication open’ command means we can see the result of the authentication attempt, even though we allow all devices on.
In an Arista environment, we do not have the same behavior, because there is no equivalent for ‘authentication open’. We can allow all devices, and we can block devices that do not authenticate, even when connected to a mini switch. But what we cannot do is allow all devices with an open auth command, allowing us to see the results of an authentication attempt for each device.
Post your Answer
You must be logged in to post an answer.