HPE Community
Switches, Hubs, and Modems
1753719 Members
4748 Online
108799 Solutions
New Discussion

peap-mschapv2 on web authentication

 
Chad Lenox
New Member

‎10-06-2010 10:33 AM

‎10-06-2010 10:33 AM

peap-mschapv2 on web authentication

I'm trying to configure a ProCurve 3500yl-24G (Software K.14.47) to use web-based authentication for port access. I'm using Microsoft's NPS on Server 2008 for RADIUS authentication. I can successfully authenticate, get assigned to the right VLAN, and get an IP when I use chap-radius and store my password using reverse encryption in AD, but I cannot authenticate when I try to use peap-mschapv2. Here is what my config looks like:

radius-server host 10.10.10.2 key "123456789"
aaa authentication port-access eap-radius
aaa authentication web-based peap-mschapv2
aaa port-access authenticator 1
aaa port-access authenticator active
aaa port-access web-based 1
aaa port-access web-based 1 redirect-url "http://www.google.com"
aaa port-access web-based 1 auth-vid 2
aaa port-access web-based 1 unauth-vid 3
aaa port-access web-based dhcp-addr 192.168.0.0 255.255.255.0
aaa port-access web-based ewa-server 10.10.10.3 "/EWA"

Does anyone know the correct settings in NPS for peap-mschapv2 on web authentication?
0 Kudos
1 REPLY 1
coreydhp
Occasional Visitor

‎12-07-2010 05:31 PM

‎12-07-2010 05:31 PM

Re: peap-mschapv2 on web authentication

Hi Chad,

There is an interoperability issue with that feature with Server 2008 NPS. I think you will find that it works with Server 2003 IAS.

The problem has been corrected in a newer version of the switch firmware K.15.02.0005 and can be downloaded free of charge at:

http://h10144.www1.hp.com/customercare/support/software/switches.htm
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.