Configuration restrictions and guidelines
When you enable parallel processing of MAC authentication and 802.1X authentication on a port, follow these restrictions and guidelines:
Make sure the port meets the following requirements:
The port is configured with both 802.1X authentication and MAC authentication and performs MAC-based access control for 802.1X authentication.
The port is enabled with the 802.1X unicast trigger.
For the port to perform MAC authentication before it is assigned to the 802.1X guest VLAN, enable new MAC-triggered 802.1X guest VLAN assignment delay.
For information about new MAC-triggered 802.1X guest VLAN assignment delay, see "Configuring 802.1X."
For the parallel processing feature to work correctly, do not enable MAC authentication delay on the port. This operation will delay MAC authentication after 802.1X authentication is triggered.
To configure both 802.1X authentication and MAC authentication on the port, use one of the following methods:
Enable the 802.1X and MAC authentication features separately on the port.
Enable port security on the port. The port security mode must be userlogin-secure-or-mac or userlogin-secure-or-mac-ext.
For information about port security mode configuration, see "Configuring port security."