UniFi Video is a legacy product line.

This application and its related devices will no longer receive any manner of technical support, including functional and security updates. Additionally, there will be no further updates to Help Center content pertaining to UniFi Video.

UniFi Network - 802.1X Control (Advanced)

This article describes how to configure 802.1X Control on UniFi switches to authenticate wired client devices. 

Requirements & Notes

  • A UniFi gateway or UniFi OS Console with a built-in gateway is required to run RADIUS.
  • A third-party RADIUS server can be used by creating a new RADIUS profile.
  • 802.1X Control mode 'Auto' requires the usage of a third-party RADIUS server.
  • The fallback VLAN is used when a client device fails to authenticate.

Configuring MAC-Based Authentication

1. Enable 802.1X Control for all or individual UniFi switches and optionally specify the Fallback VLAN.

  • All - Settings > Networks > Global Switch Settings > 802.1X Control
  • Individual - UniFi Devices > select switch > Settings > Advanced > 802.1X Control

2. Select the Default RADIUS profile when using a UniFi gateway or Create New RADIUS profile when using a third-party RADIUS server.

3. Create the RADIUS users that match the MAC addresses of the wired clients.

Settings > Profiles > RADIUS > Default > Create New RADIUS User

  • Username - Mac address in capital letters without any dashes or colons, for example ABCDEF123456.
  • Password - Mac Address in capital letters without any dashes or colons, for example ABCDEF123456.
  • VLAN ID - 0
  • Tunnel Type - None
  • Tunnel Medium Type - None


4. Create a new Port Profile and select MAC-based under the Advanced settings.

Settings > Profiles > Switch Ports > Create New Port Profile

  • Native Network - Default or specific network
  • Allowed Networks - None
  • Voice Network - None
  • 802.1X Control (Advanced) - MAC-based


5. Apply the 802.1X Control profile to the port(s) on the UniFi switch where a wired client device is connected.

UniFi Devices > select switch > Ports > Port Manager > select port(s) > Port Profile 

Was this article helpful?
111 out of 264 found this helpful