HPE Community
Security e-Series
1753964 Members
7283 Online
108811 Solutions
New Discussion

HP 5500 Switch and HP 10504 issue ( Radius Authentication / partially solved )

 
NickChatz
Occasional Advisor

‎08-30-2016 01:19 AM - edited ‎08-30-2016 05:16 AM

‎08-30-2016 01:19 AM - edited ‎08-30-2016 05:16 AM

HP 5500 Switch and HP 10504 issue ( Radius Authentication / partially solved )

Good morning ,

For the past few months i am encountering an issue regarding our HP 5500-24G SI switches.Users could log in only only with local accounts and not through ssh with hig level privilege users ( netx@sof  / sof is one of our main application system) .

I was requested to proceed in firmware upgrade and as HP suggested this would solve the problem with the whole radius authentication issue but the problem remains ( A5500SI-CMW520-R2221P12.bin ) .

After upgrading both switches the users were able to log in to the HP 5500 switches using their credentials ( some forgot that it was needed after the username to add @sof so that was fixed ). The users who are trying to connect to the main switches HP 10504 they cant login through SSH only but some local accounts that were created. For security reasons i would like to remove the local accounts and give specified access to them . The Radius server ( NPS ) is up and running so i am thinking maybe there is something wrong with the RADIUS argument when users try to login via SSH to the main switch.

 

Any ideas?

 

===============================
If my answer helped you don't forget to Kudos
===============================
0 Kudos
2 REPLIES 2
parnassus
Honored Contributor

‎08-30-2016 01:29 PM

‎08-30-2016 01:29 PM

Re: HP 5500 Switch and HP 10504 issue ( Radius Authentication / partially solved )

Sorry, it's not clear: is your HPE A5500 SI Switch software version at A5500SI-CMW520-R2221P12 (which isn't the latest one since it was released during the second quarter of 2015) or what?

The latest software release (Posted on May, 27th 2016) for the JD369A HPE 5500-24G SI Switch is the A5500SI-CMW520-R2221P22 and, reading its Release Notes, there are some refrences to fixes regarding RADIUS/Authentication Servers.

It should worth a try if you haven't yet upgraded your Switch to that release.


I'm not an HPE Employee
Kudos and Accepted Solution banner
0 Kudos
NickChatz
Occasional Advisor

‎08-31-2016 01:30 AM

‎08-31-2016 01:30 AM

Re: HP 5500 Switch and HP 10504 issue ( Radius Authentication / partially solved )

As mentioned the firmware upgrade worked for the 5500 but currently having issues with the main/core switches with this firmware ( 10500-cmw520-r1208p12.bin) . Not well experienced with Radius Authentication but as i understand something might be wrong within the argument returning from the Radius server and users cant access the switch. Is this a possible reason?

 
===============================
If my answer helped you don't forget to Kudos
===============================
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.