Switches, Hubs, and Modems
1748205 Members
4258 Online
108759 Solutions
New Discussion

NAP 802.1x EAP with Certificate - Deployment with Procurve "per User ACL"

 
StephanGee
Occasional Advisor

NAP 802.1x EAP with Certificate - Deployment with Procurve "per User ACL"

Hello,

 

maybe some procurve specialists are here. This is the problem what i'm encounter:

 

I've set up the VSA in NPS (2008 R2) like described in the "2910al Access & Security Guide".

 

Entry:

Vendor specific:

code: 11 vsa: 61

string:

HP-Nas-filter-Rule="permit in ip from any to 172.20.XX.XX/22"

Errors in the log of the router:

I 01/03/90 20:31:16 00699 idm: ACE parsing error, permit/deny keyword, aceIndex 1, client 2C4138074XXX, port 4
I 01/03/90 20:30:00 00699 idm: ACE parsing error, permit/deny keyword, aceIndex 1, client 2C4138074XXX, port 4
I 01/03/90 20:28:43 00699 idm: ACE parsing error, permit/deny keyword, aceIndex 1, client 2C4138074XXX, port 4

 

When i try it without the vendor entry. i get authenticated so there is no problem with the authentication.

 

Can anyone help me with this ?

 

Greets
Stephan