HPE Community
Switches, Hubs, and Modems
1753796 Members
7009 Online
108799 Solutions
New Discussion

Edge switch config - 802.1x

 
networknaz
Advisor

‎12-04-2007 12:22 AM

‎12-04-2007 12:22 AM

Edge switch config - 802.1x

Hi All,

I am implementing 802.1x with switch to switch.

My ques are

1. I am able to ping my core switch and getting all vlans by using GVRP and enabled ip routing.

2. But i am unable to ping my radius server error "network is unreachable on this VLAN".

3. How to configure a switch as Edge to get authenticated from core swith. as a supplicant.

4. Below is my Edge switch config


ip default-gateway 192.168.1.2
ip routing
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 2-50
ip address 192.168.1.15 255.255.255.0
tagged 1
exit
gvrp
aaa authentication port-access eap-radius
aaa accounting network radius
radius-server host 172.16.24.2 key procurve
aaa port-access authenticator 2-50
aaa port-access supplicant 1
aaa port-access supplicant 1 identity "edge"
aaa port-access 2-50


Thanks

0 Kudos
1 REPLY 1
Jeff Carrell
Honored Contributor

‎12-10-2007 01:14 PM

‎12-10-2007 01:14 PM

Re: Edge switch config - 802.1x

well, a couple of questions:

1) if you do a 'show aaa port-access authe' on the core switch, what status is the port in that connects to the edge sw?

2) do you see an entry on the radius srvr that reflects a successful login from user "edge"?

also, 802.1x currently has no provision for controlling ports in 'tagged' state, only in the 'untagged' state....since your port is tagged in vlan1, this may be related to the problem you are seeing...however i would expect pings to work w/o 802.1x working....hmmm....

there is a new RFC being worked on to add tag/untag state in 802.1x...we may see it sometime in 2008, no idea when/if for sure (but procurve is a stds following org)...

look forward to see what the new info is...

hth...jeff
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.