- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- Re: Problems in 802.1x, HP2650, (P)EAP and IAS Rad...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-21-2006 10:18 PM
тАО06-21-2006 10:18 PM
I have setting up 802.1x and IAS enviroment. Now in some reason i cannot log my username/password/domain combitation in my network. My 2650 sw H.08.98 only says "radius: Can't reach RADIUS server 192.168.0.103". When i ping it its response. There is no log information in IAS logs. My configuration is something like this:
interface 1
no lacp
exit
ip default-gateway 10.0.0.1
vlan 1
name "DEFAULT_VLAN"
untagged 48-50
no ip address
no untagged 1-47
exit
vlan 2
name "Management"
ip address 10.0.0.13 255.255.255.0
tagged 48
exit
vlan 10
name "VLAN10"
untagged 1
tagged 48
exit
vlan 20
name "VLAN20"
tagged 48
exit
vlan 30
name "VLAN30"
tagged 48
exit
vlan 99
name "Denied"
untagged 2-47
exit
aaa authentication num-attempts 5
aaa authentication port-access eap-radius
aaa authentication ssh enable radius local
radius-server dead-time 5
radius-server host 192.168.0.103 key xxxxxxx
primary-vlan 2
management-vlan 2
aaa port-access authenticator 1
aaa port-access authenticator active
Any suggestion what is maybe wrong. When i try to port-access chap-radius, then log says something, but i want use PEAP.
Br,
Ville
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-22-2006 06:32 PM
тАО06-22-2006 06:32 PM
Re: Problems in 802.1x, HP2650, (P)EAP and IAS Radius.
Use sniffer on the radius server for troubleshooting. Good one is Packetyzer with (radius) filter.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-24-2006 10:25 PM
тАО06-24-2006 10:25 PM
Re: Problems in 802.1x, HP2650, (P)EAP and IAS Radius.
Take a look at Event Viewer, System. This should provide some information on IAS log. If you are getting NAS-IP-Address: 127.0.0.1, then its the share secret key. Go to IAS, RADIUS Client, and provide the switch ip address as well as the share secret.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-25-2006 05:30 PM
тАО06-25-2006 05:30 PM
Re: Problems in 802.1x, HP2650, (P)EAP and IAS Radius.
As i wrote "When i try to port-access chap-radius, then log says something". I have setup Enterasys devices to use IAS with PEAP and those works. I have also triple checked shared secret. I have also sniffed that traffic and it seems to be ok. It seems that IAS dont care PEAP authentication, when access request comes HP swithes. Any other suggestion?
Br,
Ville
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-26-2006 02:56 AM
тАО06-26-2006 02:56 AM
Re: Problems in 802.1x, HP2650, (P)EAP and IAS Radius.
You definitely must see an event in the event log (for example unsupported message type). You can also use "iasparse" tool from the resource kit.
Make sure IAS works at all. You can implement administrator authentication via Radius and check if it working.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-03-2006 03:09 AM
тАО08-03-2006 03:09 AM
Re: Problems in 802.1x, HP2650, (P)EAP and IAS Radius.
Try downgrading the Firmware. We have seen the same problem on the 5304's. We downgraded the firmware and everything worked.
bc
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-03-2006 07:13 AM
тАО08-03-2006 07:13 AM
SolutionPlease downgrade to a version of code before H.08.95. The next version of code released on the web should have a fix included for PEAP, these will be release numbers greater than H.08.103. I suspect that using one of these code releases will fix your problem.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-18-2006 06:37 AM
тАО08-18-2006 06:37 AM