Security e-Series
1748242 Members
4013 Online
108759 Solutions
New Discussion

Re: 802.1X Hp Procurve 2524

 
batz
New Member

802.1X Hp Procurve 2524

Hello,

 

I'm configuring 802.1X in remote office with radius authentication. The radius server is in HQ.

 

This is my configuration:

 

 

; J4813A Configuration Editor; Created on release #F.04.08
hostname "HP ProCurve Switch 2524" 
time daylight-time-rule None 
cdp run 
interface 24 
   no lacp
exit
ip default-gateway 10.X.X.3 
snmp-server community "public" Unrestricted 
vlan 1 
   name "DEFAULT_VLAN" 
   untagged 1-26 
   ip address 10.X.X.17 255.255.X.0 
   exit 
vlan 100 
   name "VLAN100" 
   exit 
no stack 
aaa authentication port-access eap-radius 
aaa accounting update periodic 10 
radius-server dead-time 5 
radius-server timeout 3 
radius-server retransmit 4 
radius-server key XXXXXXX 
radius-server host 192.168.X.X key Sw10801b 
aaa port-access authenticator active
aaa port-access authenticator 24
aaa port-access authenticator 24 control authorized
aaa port-access authenticator 24 reauth-period 10
password manager
password operator

 

I have another cisco swithes and works correctly then I think the issue is in the switch.

 

In the firewall I see the next error:

 

161: 08:01:23.393717 192.168.X.X (radius host) > 10.X.X.17(switch):  icmp: 192.168.1X.X (server radius) udp port 1812 unreachable 

 

thanks in advance

2 REPLIES 2
Helper
Valued Contributor

Re: 802.1X Hp Procurve 2524

Hi,

 

First of all, upgrade your switch to F.05.72.

http://h10144.www1.hp.com/customercare/support/software/summarypages/f-j4812-c.htm

 

Your version is really old and many bugs relevant to Dot1x have been solved.

 

IMPORTANT:
Starting with software version F.05.50, FEC trunks (Cisco Systems’ Fast EtherChannel for aggregated links) are no longer supported, and generation of CDP (Cisco Discovery Protocol) packets are no longer supported. In their place are IEEE standards-based LACP aggregated links (as well as statically configured trunks) and generation of LLDP packets for device discovery. For more information, see the ProCurve Networking statement on standards-based configuration for link aggregation and device discovery.

http://ftp.hp.com/pub/networking/software/LLDP-and-LACP-statement.pdf

 

Bye.

jabi
New Member

Re: 802.1X Hp Procurve 2524

Ok, thanks