- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- LAN Routing
- >
- Re: MAC address authentication on HPE switch 2610-...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-21-2019 11:51 PM
тАО02-21-2019 11:51 PM
MAC address authentication on HPE switch 2610-24-PWR
hello everyone,
i am facing issue with mac address authentication. To be more specific, problem is the format in which mac address is sent to radius server.
here is the config from switch
aaa port-access mac-based 9
aaa port-access mac-based 9 reauth-period 36000
if i am not mistaken, the default type in which mac addresses are sent is no-delimiter, that is totally fine. i added to ISE (radius server) new client with mac address 00809f6810bd, however in logs i see that the switch sends client's mac address in format 00:80:9F:68:10:BD, thus authentication failed.
am i missing something? of course i tried to use another types of mac address format but the result is still the same.
I have also latest firmware on switch - R.11.122.
Thanks for your suggestions!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-24-2019 09:55 PM
тАО02-24-2019 09:55 PM
Re: MAC address authentication on HPE switch 2610-24-PWR
Hi,
Check if switch is supporting the following command.
aaa port-access mac-based addr-format
Configuring a MAC-based address format
Syntax:
aaa port-access mac-based addr-format <no-delimiter|single-dash|multi-dash|multi-colon|no-delimiter-uppercase|single-dash-uppercase|multi-dash-uppercase|multi-colon-uppercase>
Specifies the MAC address format used in the RADIUS request message. This format must match the format used to store the MAC addresses in the RADIUS server.
Default: no-delimiter
no-delimiter: specifies an aabbccddeeff format.
single-dash: specifies an aabbcc-ddeeff format.
multi-dash: specifies an aa-bb-cc-dd-ee-ff format.
multi-colon: specifies an aa:bb:cc:dd:ee:ff format.
no-delimiter-uppercase: specifies an AABBCCDDEEFF format.
single-dash-uppercase: specifies an AABBCC-DDEEFF format
multi-dash-uppercase: specifies an AA-BB-CC-DD-EE-FF format
multi-colon-uppercase: specifies an AA:BB:CC:DD:EE:FF format
I am an HPE Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-25-2019 11:34 PM - last edited on тАО03-05-2019 11:43 PM by Parvez_Admin
тАО02-25-2019 11:34 PM - last edited on тАО03-05-2019 11:43 PM by Parvez_Admin
Re: MAC address authentication on HPE switch 2610-24-PWR
hello @drk787 , great to have you here :)
yes, swttch supprts aaa port-access mac-based addr-format command, i chosed no-delimiter option,. When i checked the config, the command aaa port-access mac-based addr-format no-delimiter was not shown, i guess it is hidden command or default option. I tried to use also no-delimiter-uppercase option, i was able to find these command in config then, but mac addresses received on radius server did not match neither no-delimiter not no-delimiter-uppercase format.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-05-2019 01:42 AM
тАО03-05-2019 01:42 AM
Re: MAC address authentication on HPE switch 2610-24-PWR
anyone having this issue? i still do not know how to solve it :( it looks like the command aaa port-access mac-based addr-format does not do his job!