HPE Community
Comware Based
1751978 Members
4506 Online
108784 Solutions
New Discussion юеВ

Re: problem radius authentication (NPS) for an H3C Switch S3600-SI

 
Candema1
Occasional Advisor

тАО02-16-2017 06:30 AM

тАО02-16-2017 06:30 AM

problem radius authentication (NPS) for an H3C Switch S3600-SI

Hello, I have a problem radius authentication (NPS) for an H3C Switch S3600-SI. I have an Access-Reject (3) information on the Radius server with Wireshark. In the Access-Request information, I have information, vendor specific (26), v: Huawei Technology Co, Ltd (2011). Huawei connect-ID (26): 8

I added in request Radius, a vendor-specific (26) with vendor-code (2011) but I do not know what to put in configure attribute.

Do you have a solution to my pb?

thanks

Mathieu

0 Kudos
4 REPLIES 4
johnk3r
Respected Contributor

тАО03-02-2017 06:49 AM

тАО03-02-2017 06:49 AM

Re: problem radius authentication (NPS) for an H3C Switch S3600-SI

Hello!

How is your switch configuration?

I recommend you use NTRadPing to validate the configuration of your Radius server.

**************************************
ATP FLEXNETWORK V3 | ACSA
0 Kudos
Candema1
Occasional Advisor

тАО03-02-2017 07:26 AM

тАО03-02-2017 07:26 AM

Re: problem radius authentication (NPS) for an H3C Switch S3600-SI

Hello,

There is my configuration:

H3C Comware Platform Software
Comware Software, Version 3.10, Release 1702P44
Copyright (c) 2004-2013 Hangzhou H3C Technologies Co., Ltd. All rights reserved.
H3C S3600-28P-PWR-SI

 sysname H3C
#
radius scheme system
radius scheme radius1
 server-type extended
 primary authentication 172.24.3.51 key cipher $c$3$7LB8/u/L8nqGThpfUrRoQZtnBz9WlZwz66QM
 primary accounting 172.24.3.51 key cipher $c$3$dX2eVvAe7Y0fT6yIt/yh14b8NDqXLfITDR27
#
domain system
 authentication radius-scheme radius1 local
 authorization local
 accounting radius-scheme radius1 local
#
local-user admin
 password cipher $c$3$BI/qC84VEaBDx7oPbWjT+r6ZFjqOIv9BqlsN
 service-type ssh telnet terminal
 level 3
local-user read
 password cipher $c$3$+WbSrqtii4TLaFFkeFSlk8hiznxTXuZhZZYk
 service-type ssh telnet terminal
 level 1
#
vlan 1
#
interface Vlan-interface1
 ip address 172.24.3.15 255.255.255.0
#
interface Aux1/0/0
#
interface Ethernet1/0/1
 poe enable
#
interface Ethernet1/0/2
 poe enable
#
interface Ethernet1/0/3
 poe enable
#
interface Ethernet1/0/4
 poe enable
#
interface Ethernet1/0/5
 poe enable
#
interface Ethernet1/0/6
 poe enable
#
interface Ethernet1/0/7
 poe enable
#
interface Ethernet1/0/8
 poe enable
#
interface Ethernet1/0/9
 poe enable
#
interface Ethernet1/0/10
 poe enable
#
interface Ethernet1/0/11
 poe enable
#
interface Ethernet1/0/12
 poe enable
#
interface Ethernet1/0/13
 poe enable
#
interface Ethernet1/0/14
 poe enable
#
interface Ethernet1/0/15
 poe enable
#
interface Ethernet1/0/16
 poe enable
#
interface Ethernet1/0/17
 poe enable
#
interface Ethernet1/0/18
 poe enable
#
interface Ethernet1/0/19
 poe enable
#
interface Ethernet1/0/20
 poe enable
#
interface Ethernet1/0/21
 poe enable
#
interface Ethernet1/0/22
 poe enable
#
interface Ethernet1/0/23
 poe enable
#
interface Ethernet1/0/24
 poe enable
#
interface GigabitEthernet1/1/1
#
interface GigabitEthernet1/1/2
#
interface GigabitEthernet1/1/3
#
interface GigabitEthernet1/1/4
#
 undo irf-fabric authentication-mode
#
interface NULL0
#
 voice vlan mac-address 0001-e300-0000 mask ffff-ff00-0000
#
 ip route-static 0.0.0.0 0.0.0.0 172.24.3.1 preference 60
#
 ssh authentication-type default all
#
user-interface aux 0 7
user-interface vty 0 4
 authentication-mode scheme
#
return

What is the username to fill in NTRADPING?

My Radius server run with HP Procurve, 5130, 3600 V2, A5500

Thanks

0 Kudos
16again
Respected Contributor

тАО03-03-2017 10:53 AM

тАО03-03-2017 10:53 AM

Re: problem radius authentication (NPS) for an H3C Switch S3600-SI

Look into windows event log, it might give you clues what goes wrong

0 Kudos
Candema1
Occasional Advisor

тАО03-15-2017 06:21 AM

тАО03-15-2017 06:21 AM

Re: problem radius authentication (NPS) for an H3C Switch S3600-SI

Hello,

I still have the problem, how to test with NTRADping the switch connexion please?

Thanks

Mathieu

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.