Understanding 802.1X Static MAC on EX-series Switches
Enterprise LANS support many different types of devices. Along with 802.1X-enabled devices, non-802.1X enabled devices, such as building access control readers, printers, and HVAC systems, must have reliable access to the LAN. These non-802.1X-enabled endpoints are known as non-responsive hosts.
To allow non-responsive hosts access to the LAN, use static MAC as a bypass mechanism for 802.1X authentication. When you configure static MAC, the MAC address of the host is first checked in a local database (a user configured static list of MAC addresses). If a match is found, the host is assumed to be successfully authenticated and the interface is opened up for it. No further authentication is done for that host.
The VLAN that the host should be moved to or the interfaces on which the host connect may also be configured.
The following diagram shows the authentication process for non-responsive hosts.
Figure 1: Process Flowchart for Non-Responsive Host Requests
