Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

Reg:ldap authentication

SOLVED
Go to solution

Reg:ldap authentication

Dear sir,

Iam having hp-3500yl and hp-2510-24 and radius server.

Now i configured the 3500yl for radius authentication its working fine now i want connect 3500yl to 2510-24 switch .

How can i configure 2510-24 switch to act as client switch.
i attached my 3500yl config.
Regards
srini
9246571397
6 REPLIES
cenk sasmaztin
Honored Contributor
Solution

Re: Reg:ldap authentication

hi sirni please send me 3500 and one 2510 sh config print.

cenk
cenk

Re: Reg:ldap authentication

Dear sir,

Thank u very much for ur coperation and i given my current setup and l3(3500yl)and 2510(l2) config also.
iam requesting u plz go through the attchment and give me ur suggession .

So that i am very great full to u if don this.

Thanks&Regards
srini
cenk sasmaztin
Honored Contributor

Re: Reg:ldap authentication

hi Srini

I no read your attach
what is this ?
I want read 3500 and 2510 show run print

cenk
cenk

Re: Reg:ldap authentication

Dear Sir,

This is my current setup--Hi,


Current Setup:

uplink 26 uplink 24 DHCP/
PC -----> L2 -----> L3 ------> RADIUS
WinXP 2510 3500yl SERVER
192.168.1.165



PFA config of 2510 and 3500yl ... what else need to be done
so that PC users can be assigned a VLAN based on 802.1x authentication

Thanks in advance,
And config of 3500yl--
hostname "ProCurve Switch 3500yl-24G"
ip default-gateway 192.168.1.165
ip routing
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 1-4,6-14,16-24
ip address 192.168.0.1 255.255.255.0
no untagged 5,15
exit
vlan 10
name "vlan1"
untagged 5
ip helper-address 192.168.1.165
ip address 192.168.1.1 255.255.255.0
tagged 24
exit

vlan 20
name "valn2"
untagged 15
ip helper-address 192.168.1.165
ip address 192.168.2.1 255.255.255.0
tagged 24
exit
vlan 30
name "vlan3"
ip helper-address 192.168.1.165
ip address 192.168.3.1 255.255.255.0
tagged 24
exit

primary-vlan 10

aaa port-access authenticator active


1HProCurve Switch 3500yl-24G#Running configuration:


; J9019A Configuration Editor; Created on release #Q.10.01


hostname "ProCurve Switch 2510-24"

snmp-server community "public" Unrestricted

snmp-server host 192.168.1.165 "public"

vlan 1

name "DEFAULT_VLAN"

untagged 1-4,6-14,16-26

ip address 192.168.0.2 255.255.255.0

no untagged 5,15

exit

vlan 10

name "vlan1"

untagged 5
tagged 26


exit

vlan 20

name "VLAN2"

untagged 15
tagged 26


exit

vlan 30

name "vlan3"

tagged 26

exit

aaa authentication port-access eap-radius

radius-server host 192.168.1.165 key test

primary-vlan 10

aaa port-access authenticator 5,15

aaa port-access authenticator 5 unauth-vid 10

aaa port-access authenticator 15 unauth-vid 10

aaa port-access authenticator active

aaa port-access supplicant 5,15


1HProCurve Switch 2510-24#


plz help me in this i will be very very thankfull and greatfull to u.

Thanks&Regards
srini

2510 CONFIG-----




cenk sasmaztin
Honored Contributor

Re: Reg:ldap authentication

Hi Srini
we talk about your configuration, in this case very composite
therefore I create new config will for you .

below config for 3500 and 2510 at the same time you can make radius ,ias and dhcp server config
not:for dhcp server config you must be make two scobe vlan 1 and vlan 4
authentication user take ip address vlan1 scobe
unauthentication user take ip address vlan 4 scobe

cenk

-----------------------------------------------
3500-3500-3500-3500
-----------------------------------------------
hostname "3500"
interface 1
no lacp
exit
interface 2
no lacp
exit
interface 3
no lacp
exit
interface 4
no lacp
exit
interface 5
no lacp
exit
interface 6
no lacp
exit
interface 7
no lacp
exit
interface 8
no lacp
exit
interface 9
no lacp
exit
interface 10
no lacp
exit
interface 11
no lacp
exit
interface 12
no lacp
exit
interface 13
no lacp
exit
interface 14
no lacp
exit
interface 15
no lacp
exit
ip routing
snmp-server community "public" Unrestricted
vlan 1
name "foruser"
untagged 1-15,18-19,21-26
ip address 192.168.0.1 255.255.255.0
no untagged 16-17,20
exit
vlan 2
name "forserver"
untagged 16
ip address 192.168.1.1 255.255.255.0
ip helper-address 192.168.1.165
tagged 24
exit
vlan 3
name "xxx1"
untagged 17
ip address 192.168.2.1 255.255.255.0
ip helper-address 192.168.1.165
tagged 24
exit
vlan 4
name "xxx2"
ip address 192.168.3.1 255.255.255.0
ip helper-address 192.168.1.165
tagged 24
exit
vlan 40
name "formanagemet"
untagged 20
ip address 10.0.0.1 255.255.255.0
tagged 24
exit
aaa authentication port-access eap-radius
aaa accounting network start-stop radius
radius-server host 192.168.1.165 key test
management-vlan 40
aaa port-access authenticator 1-15
aaa port-access authenticator 1 auth-vid 1
aaa port-access authenticator 1 unauth-vid 4
aaa port-access authenticator 2 auth-vid 1
aaa port-access authenticator 2unauth-vid 4
aaa port-access authenticator 3 auth-vid 1
aaa port-access authenticator 3 unauth-vid 4
aaa port-access authenticator 4 auth-vid 1
aaa port-access authenticator 4 unauth-vid 4
aaa port-access authenticator 5 auth-vid 1
aaa port-access authenticator 5 unauth-vid 4
aaa port-access authenticator 6 auth-vid 1
aaa port-access authenticator 6 unauth-vid 4
aaa port-access authenticator 7 auth-vid 1
aaa port-access authenticator 7 unauth-vid 4
aaa port-access authenticator 8 auth-vid 1
aaa port-access authenticator 8 unauth-vid 4
aaa port-access authenticator 9 auth-vid 1
aaa port-access authenticator 9 unauth-vid 4
aaa port-access authenticator 10 auth-vid 1
aaa port-access authenticator 10 unauth-vid 4
aaa port-access authenticator 11 auth-vid 1
aaa port-access authenticator 11 unauth-vid 4
aaa port-access authenticator 12 auth-vid 1
aaa port-access authenticator 12 unauth-vid 4
aaa port-access authenticator 13 auth-vid 1
aaa port-access authenticator 13 unauth-vid 4
aaa port-access authenticator 14 auth-vid 1
aaa port-access authenticator 14 unauth-vid 4
aaa port-access authenticator 15 auth-vid 1
aaa port-access authenticator 15 unauth-vid 4
aaa port-access 1-15

----------------------------------------------------------------
2510-2510-2510-2510
----------------------------------------------------------------


hostname "2510"
max-vlans 64
interface 1
no lacp
exit
interface 2
no lacp
exit
interface 3
no lacp
exit
interface 4
no lacp
exit
interface 5
no lacp
exit
interface 6
no lacp
exit
interface 7
no lacp
exit
interface 8
no lacp
exit
interface 9
no lacp
exit
interface 10
no lacp
exit
interface 11
no lacp
exit
interface 12
no lacp
exit
interface 13
no lacp
exit
interface 14
no lacp
exit
interface 15
no lacp
exit
interface 16
no lacp
exit
interface 17
no lacp
exit
interface 18
no lacp
exit
interface 19
no lacp
exit
interface 20
no lacp
exit
snmp-server community "public" Unrestricted
vlan 1
name "foruser"
untagged 1-20,23-25
no ip address
tagged 26
no untagged 21-22
exit
vlan 3
name "xxx1"
untagged 21
tagged 26
exit
vlan 4
name "xxx2"
untagged 22
tagged 26
exit
vlan 40
name "formanagem"
ip address 10.0.0.2 255.255.255.0
tagged 26
exit
aaa authentication port-access eap-radius
aaa accounting network start-stop radius
radius-server host 192.168.1.165 key test
management-vlan 40
aaa port-access authenticator 1-20
aaa port-access authenticator 1 auth-vid 1
aaa port-access authenticator 1 unauth-vid 4
aaa port-access authenticator 2 auth-vid 1
aaa port-access authenticator 2 unauth-vid 4
aaa port-access authenticator 3 auth-vid 1
aaa port-access authenticator 3 unauth-vid 4
aaa port-access authenticator 4 auth-vid 1
aaa port-access authenticator 4 unauth-vid 4
aaa port-access authenticator 5 auth-vid 1
aaa port-access authenticator 5 unauth-vid 4
aaa port-access authenticator 6 auth-vid 1
aaa port-access authenticator 6 unauth-vid 4
aaa port-access authenticator 7 auth-vid 1
aaa port-access authenticator 7 unauth-vid 4
aaa port-access authenticator 8 auth-vid 1
aaa port-access authenticator 8 unauth-vid 4
aaa port-access authenticator 9 auth-vid 1
aaa port-access authenticator 9 unauth-vid 4
aaa port-access authenticator 10 auth-vid 1
aaa port-access authenticator 10 unauth-vid 4
aaa port-access authenticator 11 auth-vid 1
aaa port-access authenticator 11 unauth-vid 4
aaa port-access authenticator 12 auth-vid 1
aaa port-access authenticator 12 unauth-vid 4
aaa port-access authenticator 13 auth-vid 1
aaa port-access authenticator 13 unauth-vid 4
aaa port-access authenticator 14 auth-vid 1
aaa port-access authenticator 14 unauth-vid 4
aaa port-access authenticator 15 auth-vid 1
aaa port-access authenticator 15 unauth-vid 4
aaa port-access authenticator 16 auth-vid 1
aaa port-access authenticator 16 unauth-vid 4
aaa port-access authenticator 17 auth-vid 1
aaa port-access authenticator 17 unauth-vid 4
aaa port-access authenticator 18 auth-vid 1
aaa port-access authenticator 18 unauth-vid 4
aaa port-access authenticator 19 auth-vid 1
aaa port-access authenticator 19 unauth-vid 4
aaa port-access authenticator 20 auth-vid 1
aaa port-access authenticator 20 unauth-vid 4
aaa port-access authenticator active
aaa port-access 1-20
cenk

Re: Reg:ldap authentication

Dear Cenk,

Thanks for ur valuble and great support on my case .Iam very very thankfull to u.Now i configured as per ur config file which i received from u.It was working fine.

Thanks a lot.

Thnka for HP-Tech team and NAZAR also.

THanks&Regards
srini