- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- Mac-based Radius Configuration.
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-16-2007 03:39 AM
тАО10-16-2007 03:39 AM
I have tried the setting that others in the forums have used, but is still not working for me.
This is my setup.
Error:
User 000bdb7bdcbe was denied access.
Fully-Qualified-User-Name = xxx.xxx.xx.xx/Users/000bdb7bdcbe
NAS-IP-Address = 192.168.134.37
NAS-Identifier = Radius Test Switch
Called-Station-Identifier = 00-30-6e-e3-71-ff
Calling-Station-Identifier = 00-0b-db-7b-dc-be
Client-Friendly-Name = Radius test
Client-IP-Address = 192.168.134.37
NAS-Port-Type = Ethernet
NAS-Port = 1
Proxy-Policy-Name = Radius Domain Test
Authentication-Provider = Windows
Authentication-Server =
Policy-Name = Radius Test 1
Authentication-Type = MD5-CHAP
EAP-Type =
Reason-Code = 66
Reason = The user attempted to use an authentication method that is not enabled on the matching remote access policy.
In IAS, setup radius Client, which is the HP 2650, with ip address and secret name, triple checked secret name.
Remote access policies:
Windows Group Matches, Domain\Radius Access Group
Allow Access on through: Ethernet
Authentication: EAP Methods: MD5-Challenge
Encryption all checked.
Went through the 2600-*.pdf to set up switch for mac-based authentication.
What is the Vendor ID for the 2650?
Advanced:
Service type: Framed
Tunnel-Medium-Type: 802
Tunnel-PVT-Group-ID: 903 (VLAN ID)
Tunnel-Type: Virtual LANS
Framed-Protocol: PPP
Granted Remote Access Permission
Any help would be greatly appreciated
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-16-2007 07:41 PM
тАО10-16-2007 07:41 PM
SolutionSome of the thing that you can check for -
(1) The username/password for a MAC auth user should be the MAC address itself
(2) In the "Remote Access Profile", check for the -
Settings Tab
- Add Policy condition for NAS Port Type
matching "Ethernet"
Dial-in Constraints Tab
- Select "Allow access only through these media (NAS-Port-Type)
- Select "Ethernet"
Authentication Tab
- CHAP option should be selected
- If you have some other authentication
enabled on the switch then, select them
as well in this tab
Advanced Tab
- Framed-Protocol (Radius Standard) PPP
- Service Type (Radius Standard) Framed
(3) In "Connection Request Policies" under
IAS->Connection Request Processing -
- Use Windows authentication for all users
- Add Policy condition as "Ethernet"
I have similar setup at my end and im able to see the users authentication via MAC-Auth.
Please let me know if the things mentioned did help.
Thanks,
Nameesh.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-17-2007 12:18 AM
тАО10-17-2007 12:18 AM
Re: Mac-based Radius Configuration.
1. the username and password are the same.
2. Done, only want to use the MD5 Challenge
3. Unable to find use windows authentication in that section.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-17-2007 01:24 AM
тАО10-17-2007 01:24 AM
Re: Mac-based Radius Configuration.
It is working now.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-17-2007 05:43 AM
тАО10-17-2007 05:43 AM
Re: Mac-based Radius Configuration.
Thats great !!
Did you do anything different to make it
work or did the steps that I sent help you ?
Cheers,
Nameesh.
Ps:
Don't forget to give the points :)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-17-2007 07:08 AM
тАО10-17-2007 07:08 AM
Re: Mac-based Radius Configuration.
Works great.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-17-2007 07:22 AM
тАО10-17-2007 07:22 AM