- Download
Software
- Research a
Problem - Case Management
- Communities and Forums
- Contract & Product Management
- Technical Documentation Advanced Search
- Documentation Feedback Form
- Documentation Symbols Key
- End-of-Life Products
- Guidelines and Policies
- Security Resources
Juniper was the first North American IP routing vendor to achieve the prestigious TL 9000 certification by the Quality of Excellence for Suppliers of Telecommunications (QuEST) Forum in the router category, for design, development, provision and service and support.
What is J-Care?
It's the world-class service and support that you expect from a company that delivers the industry's best infrastructure and security products. With J-Care, you now have the confidence knowing that Juniper will do our part to keep you on top of the world!
Understanding 802.1X Static MAC on EX-series Switches
Enterprise LANS support many different types of devices. Along with 802.1X-enabled devices, such as VoIP telephones and laptops, non-802.1X enabled devices, such as building access control readers, printers, and HVAC systems must have reliable access to the LAN . These non-802.1X-enabled endpoints are known as non-responsive hosts.
To preserve the security of the LAN, you use MAC-based authentication as a bypass mechanism to authenticate non-responsive hosts. MAC-based authentication connects the non-responsive hosts to 802.1X-enabled ports, bypassing 802.1X authentication. The MAC address of the nonresponsive host is configured as a static MAC address in a local database which contains a list of user-configured static MAC addresses. The JUNOS software sends An EAPOL Request/Identity message to the non-responsive host. If the MAC-address returned by the non-responsive host matches the MAC-address in the local database, the software opens a port for the non-responsive host.
The following diagram shows the authentication process for non-responsive hosts.
Figure 1: Process Flowchart for Non-Responsive Host Requests
