setup of 802.1x issues (8160 Views)
Reply
Occasional Contributor
Posts: 7
Registered: ‎09-15-2009
Message 1 of 4 (8,160 Views)

setup of 802.1x issues

Hi,

 

I am looking at setting up 802.1x port authentication and having a couple of issues.

I am testing on just one port on a 5406 switch (K.15.12.0010)

 

so far I have;

 

aaa port-access authenticator F10

aaa authentication port-access eap-radius

radius-server host "IP address of local radius server"

aaa port-access authenticator active

 

There is a global certificate automatically installed on the PC's and matches that on the Radius server, but when I plug a PC into F10 the port is blocked by AAA

 

 

Port Access Authenticator Status

 

Port-access authenticator activated [No] : Yes  

Allow RADIUS-assigned dynamic (GVRP) VLANs [No] : No

 

Auths/  Unauth  Untagged Tagged           % In  RADIUS Cntrl   Port Guests  Clients VLAN     VLANs  Port COS  Limit ACL    Dir   ---- ------- ------- -------- ------ --------- ----- ------ -----  

F10  0/0     1       None     No     No        No    No     both

 

I 06/03/14 14:33:50 00435 ports: port F10 is Blocked by AAA

 

 

am I missing a peice of config or something very straight forward any help would be appreciated.

 

 

Occasional Contributor
Posts: 7
Registered: ‎09-15-2009
Message 2 of 4 (8,156 Views)

Re: setup of 802.1x issues

just as a side note the Radius server is in VMware and is plugged into another switch, but I would of thought the Radius authentication would route to the correct switch
Occasional Visitor
Posts: 1
Registered: ‎06-24-2014
Message 3 of 4 (7,848 Views)

Re: setup of 802.1x issues

Are you providing vlan information for switch port aswell or only enabling port for access only?

Would you post radius configuration also.

Honored Contributor
Posts: 1,435
Registered: ‎04-02-2008
Message 4 of 4 (7,770 Views)

Re: setup of 802.1x issues

 

 

switch configuration

 

aaa authentication port-access eap-radius
aaa accounting network start-stop radius
radius-server host  (radius ip and radius key)
aaa port-access authenticator F10
aaa port-access authenticator active

 

 

cenk

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.