Aruba & ProVision-based
cancel
Showing results for 
Search instead for 
Did you mean: 

HP command 802.1x

 
alamri
Visitor

HP command 802.1x

Hello,

Recently we are depolying NAC solution on our network, and we are getting requested from NAC team about radius configuration on our HP procurve switch, so Can you Provide us the recommand command of Switches RADIUS template , please?

ProCurve J9087A Switch 2610-24-PWR
Software revision R.11.25

3 REPLIES 3

Re: HP command 802.1x

Hello

Please check the following configuration example

https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c02642107

on page 5 you can find the commands to configure the IP address and shared secret of the RADIUS server and also the commands to enable 802.1x on an interface. The example is for another model but the commands should be the same, maybe only the interface numbers will differ.

I am an HPE employee

Accept or Kudo


alamri
Visitor

Re: HP command 802.1x

hi,

 

Thanks for reply,  the model of switch 2610-24-PWR and version R.11.25, so these command not working with our hp switch, Can you provide me the right command for this model and version please?

 

thank you

Re: HP command 802.1x

Hello, 

Thanks for your response!

The command syntax should be the same. I am attaching the link to the Access Security Guide for 2610 and 2610-PWR

https://internal.support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c02564179&withFrame

The command to specify which RADIUS server should the switch use for authentication was

5400zl(config )# radius-server host 10.1.10.10 key procurve

If you go to page 67, 68 and 69 (page of the PDF file) of the Access Security Guide you will find the same command.

The following command specifies how the switch authenticates the credentials provided by the user. The EAP protocol is used when we have 802.1x authentication.

5400zl(config )# aaa authentication port-access eap-radius

If you go to page 348 of the Access Security Guide you will find the same command there.

The next command enables 802.1x authentication on the ports A1 till A24.

5400zl(config )# aaa port-access authenticator A1-A24

On page 342 Access Security Guide you can find the same command. The only difference would be the format of the interface numbers. On 2610 the interfaces will be numbered 1 to 24 (without A which is specific to modular switches like 5406zl)

And the last command enables 802.1x globally on the switch

5400zl(config )# aaa port-access authenticator active

You can find this on page 350 of the Access Security Guide

If you cannot find this commands on your switch, please share CLI output of how exactly you are entering the commands and what errors are displayed.

I am an HPE employee

Accept or Kudo