HPE Community
IMC
1752734 Members
5564 Online
108789 Solutions
New Discussion

Default Cisco configurations for RADIUS within UAM and potential problems you may find...

 
Dape_
Occasional Contributor

‎03-12-2013 04:01 AM

‎03-12-2013 04:01 AM

Default Cisco configurations for RADIUS within UAM and potential problems you may find...

I've spent the better part of a month or so trying to figure out some issues regarding 802.1x.  My intent on writing this is to help anyone who encounters similar issues in the future so that they don't spend as much time on it as I did. 

 

Anybody implementing 802.1x with Cisco switches, Avaya telephones and using HP iMC UAM RADIUS functions? If you're using Cisco switches and you want to utilize guest-vlan, auth-fail vlan and server dead vlans, you have to run your 802.1x setup in multi-domain authentication mode (MDA) or else you will not have the failover vlan features.  In order for your Avaya phone (or any third party telephony solution) to be put into the correct vlan by the switch, it has to receive a vendor specific attribute (VSA) from the RADIUS server (HP iMC) to tell it what to do.  But here is the problem.....

 

The default configuration for Cisco devices within HP iMC has the Cisco vendor id listed with a value of "8".  The Cisco vendor id is in fact "9".  I had to recreate a vendor profile for Cisco with the correct information and now the whole thing works flawlessly.  Maybe HP can fix this with a software update or something.  Or maybe they're trying to sell more access switches, who knows...  ;)

 

I hope this helps anyone who might be encountering the same issues. 

0 Kudos
2 REPLIES 2
ISoliman
Super Advisor

‎12-17-2013 11:07 PM

‎12-17-2013 11:07 PM

Re: Default Cisco configurations for RADIUS within UAM and potential problems you may find...

Thanks for the info it is helpful :)

 

Hope that HP corrected the Vendor ID that you have mentioned

0 Kudos
Peter_Debruyne
Honored Contributor

‎12-20-2013 07:59 AM

‎12-20-2013 07:59 AM

Re: Default Cisco configurations for RADIUS within UAM and potential problems you may find...

Hi,

 

The Cisco Vendor ID has been updated in the latest versions, which allows you to add additional proprietary attributes as well. This issue is described in the release notes,

 

Best regards,Peter.

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.