setup of 802.1x issues (1804 Views)
Reply
Occasional Contributor
oetker1
Posts: 6
Registered: ‎09-15-2009
Message 1 of 4 (1,804 Views)

setup of 802.1x issues

Hi,

 

I am looking at setting up 802.1x port authentication and having a couple of issues.

I am testing on just one port on a 5406 switch (K.15.12.0010)

 

so far I have;

 

aaa port-access authenticator F10

aaa authentication port-access eap-radius

radius-server host "IP address of local radius server"

aaa port-access authenticator active

 

There is a global certificate automatically installed on the PC's and matches that on the Radius server, but when I plug a PC into F10 the port is blocked by AAA

 

 

Port Access Authenticator Status

 

Port-access authenticator activated [No] : Yes  

Allow RADIUS-assigned dynamic (GVRP) VLANs [No] : No

 

Auths/  Unauth  Untagged Tagged           % In  RADIUS Cntrl   Port Guests  Clients VLAN     VLANs  Port COS  Limit ACL    Dir   ---- ------- ------- -------- ------ --------- ----- ------ -----  

F10  0/0     1       None     No     No        No    No     both

 

I 06/03/14 14:33:50 00435 ports: port F10 is Blocked by AAA

 

 

am I missing a peice of config or something very straight forward any help would be appreciated.

 

 

Please use plain text.
Occasional Contributor
oetker1
Posts: 6
Registered: ‎09-15-2009
Message 2 of 4 (1,800 Views)

Re: setup of 802.1x issues

just as a side note the Radius server is in VMware and is plugged into another switch, but I would of thought the Radius authentication would route to the correct switch
Please use plain text.
Occasional Visitor
Mixu
Posts: 1
Registered: ‎06-24-2014
Message 3 of 4 (1,492 Views)

Re: setup of 802.1x issues

Are you providing vlan information for switch port aswell or only enabling port for access only?

Would you post radius configuration also.

Please use plain text.
Honored Contributor
cenk sasmaztin
Posts: 1,435
Registered: ‎04-02-2008
Message 4 of 4 (1,414 Views)

Re: setup of 802.1x issues

 

 

switch configuration

 

aaa authentication port-access eap-radius
aaa accounting network start-stop radius
radius-server host  (radius ip and radius key)
aaa port-access authenticator F10
aaa port-access authenticator active

 

 

cenk

Please use plain text.
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation