Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

HP ProCurve 2600 Series Switch - Multiple IEEE 802.1X users per port

maciek80
Occasional Visitor

HP ProCurve 2600 Series Switch - Multiple IEEE 802.1X users per port

Hi,

I found a document http://www.andovercg.com/datasheets/hp-procurve-2600-series.pdf that says:

NEW Authentication flexibility: - Multiple IEEE 802.1X users per port: provides authentication of up to eight IEEE 802.1X users per port; prevents user "piggybacking" on another user's IEEE 802.1X authentication.

 

I have a HP ProCurve 2650 switch and can't get this feature to work.

Relevant part of the config looks like this:

 

aaa authentication port-access eap-radius
radius-server key password
radius-server host 192.168.0.1
aaa port-access authenticator 1
aaa port-access authenticator 1 quiet-period 30
aaa port-access authenticator 1 tx-period 15
aaa port-access authenticator 1 client-limit 8
aaa port-access authenticator active

 

There are two computers connected to this port via unmanaged switch. When both of them are supposed to be in the same VLAN (both of them are compliant) everything works fine - both of them get an IP from DHCP server. But if they should go to different VLANs then one of them doesn't get an IP address.

 

Radius is a NPS on Windows 2008 R2 Server. Workstations are Windows XPs.

 

What am I missing in the configuration?