User name limitation that causes problem for MAC-Based Authentication

Options
PeterUK
PeterUK Posts: 4,227 image  Guru Member
250 Answers 2500 Comments Friend Collector Eighth Anniversary
edited October 26 in Security

FLEX 200

So I've been configuring with 802.1x with a Cisco switch and FLEX 200 as Authentication RADIUS Server even when I could use Cisco built in option.

So its really odd that my MAC was 08-00-27-EE-C7-AF but you can put that in FLEX200 because it must start with a letter so I change the MAC of the device to F8-00-27-EE-C7-AF and this worked.

I guess what I'm asking is please can you make it so user name can start with a number.

A side note for some odd reason the built in option for Authentication RADIUS Server on Cisco will not let you do 802.1x Based Authentication and MAC Based Authentication at the same time but if the RADIUS Server is to FLEX 200 it can.😏

All Replies

  • Zyxel_Tina
    Zyxel_Tina Posts: 399 image  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Switch 50 Answers First Comment

    Hi @PeterUK,

    Thank you for posting!

    We would like to confirm your statement: "So it’s really odd that my MAC was 08-00-27-EE-C7-AF but you can’t put that in FLEX200…this worked." Could you please clarify whether you are referring to the configuration shown in Image 1 or Image 2 below? If neither applies, would you kindly provide a screenshot of the exact setting? This will help us better understand the issue and assist you accordingly.

    Image 1.

    image.png

    Image 2.

    image.png

    Zyxel Tina

  • PeterUK
    PeterUK Posts: 4,227 image  Guru Member
    250 Answers 2500 Comments Friend Collector Eighth Anniversary
    edited October 29

    hi Tina

    The MAC Authentication tab is to do with wireless clients only so it needs to be done on user tab with password.

    Screenshot 2025-10-29 103903.png
  • Zyxel_Tina
    Zyxel_Tina Posts: 399 image  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Switch 50 Answers First Comment

    Hi @PeterUK,

    Thank you for your confirmation!

    After checking, this limitation comes from the architecture design of the ZLD OS, so it cannot be changed for existing models, including FLEX 200. However, we’ve forwarded your feedback as a feature request for the Flex H series, where our team will evaluate the possibility of allowing usernames to start with a number in future release.

    We appreciate your input—it helps us improve the platform for future developments.

    Zyxel Tina

  • PeterUK
    PeterUK Posts: 4,227 image  Guru Member
    250 Answers 2500 Comments Friend Collector Eighth Anniversary
    edited November 7

    Thanks for your reply

    I don't really can't see how this can be a limitation that can't be worked around? like you got MAC Authentication tab is to do with wireless clients and are able to start with a number. I think you can like make it so on user type as "MAC Authentication" not "user" with a password but has nothing to do with user login.

    what do you think?

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)