- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Aruba & ProVision-based
- >
- 802.1x problem with switch as supplicant
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-06-2018 11:18 AM
06-06-2018 11:18 AM
802.1x problem with switch as supplicant
I'm running 802.1x in my network and the Windows clients are authenticated without any problem. But now i want to put a new switch B in switch A.
Switch B will act as an supplicant and I have configured it with relevent data.
On switch A i have the config aaa authentication port-access eap-radius.
When switch B are trying to authorize I got an error on the radius server. I think this is related to my certificate. I have a self signed certificate on the radius and I have also tried with our real certificate from GoDaddy, this is an wildcard and I think i could not be an wildcard on the radius for the EAP to work?
User: Security ID: xxxxxxxxxxxxxxxx Account Name: xxxxxxxxxxxxxxxx Account Domain: xxxxxxxxxxxxxxxx Fully Qualified Account Name: xxxxxxxxxxxxxxxx Client Machine: Security ID: NULL SID Account Name: - Fully Qualified Account Name: - Called Station Identifier: xxxxxxxxxxxxxxxx Calling Station Identifier: xxxxxxxxxxxxxxxx NAS: NAS IPv4 Address: xxxxxxxxxxxxxxxx NAS IPv6 Address: - NAS Identifier: xxxxxxxxxxxxxxxx NAS Port-Type: Ethernet NAS Port: 6 RADIUS Client: Client Friendly Name: xxxxxxxxxxxxxxxx Client IP Address: xxxxxxxxxxxxxxxx Authentication Details: Connection Request Policy Name: Use Windows authentication for all users Network Policy Name: Test switch SUPPLICANT Authentication Provider: Windows Authentication Server: xxxxxxxxxxxxxxxx Authentication Type: EAP EAP Type: - Account Session Identifier: - Logging Results: Accounting information was written to the local log file. Reason Code: 22 Reason: The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server.
If I change aaa authentication port-access eap-radius to aaa authentication port-access chap-radius the switch is granted access but the windows clients want to have eap-radius to work.
So my question are do I need to have an real certificate on my radius or can I have my self signed?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-06-2018 11:09 PM
06-06-2018 11:09 PM
Re: 802.1x problem with switch as supplicant
I have figured out that the switch are using EAP-MD5 can I get the switch to use EAP-PEAP?