Comware Based
cancel
Showing results for 
Search instead for 
Did you mean: 

Wired authentication configuration

Samir_FMC
Occasional Advisor

Wired authentication configuration

Hi All,

i have NPS server with ip 10.211.0.53

switch IP 10.211.10.18

i want to configure 802.1X for wired authentication to allow domain authenticated users to get connected to the LAN

how to configure this?

 

thanks

4 REPLIES
TerjeAFK
Respected Contributor

Re: Wired authentication configuration

Are you going to let the NPS server return the VLAN id when the user authenticates, or are you using just one VLAN so you can configure it statically on the switch?

Samir_FMC
Occasional Advisor

Re: Wired authentication configuration

No

i have only one vlan on each port....

the port type is access and vlan configured is vlan 11

TerjeAFK
Respected Contributor

Re: Wired authentication configuration

Try this:

# Define NPS server
radius-server host 10.211.0.53 key secretkey
aaa server-group radius "NPS" host 10.211.0.53

# Set unauth vlan as default on authenticator ports
vlan x untag 1-24

# Set selected authentication mode
aaa authentication port-access eap-radius server-group "NPS"

# Configure specified ports for authentication
aaa port-access authenticator 1-24

# Assign unauthenticated client VLAN to authenticator ports
aaa port-access authenticator 1-24 unauth-vid x

# Assign authenticated client VLAN to authenticator ports
aaa port-access authenticator 1-24 auth-vid y

# Activate authentication on assigned ports with configured options
aaa port-access authenticator active

 

Samir_FMC
Occasional Advisor

Re: Wired authentication configuration

hi thanks for your answer but my switch is HP A5500 

these commands doesnt apply 

could you please post the one used on A5500 switch?

 

regards,