Re: radius mac-based auth on 2524?

Nazzareno Taborgna · ‎06-05-2008

hello,
I am enabling mac-based authentication on
several procurve switches.
while on 2600 series it is easy, it looks more difficult on the 2500. I did look in the manual and in this forum, without finding examples.
Any help? thanks, bye.

cenk sasmaztin · ‎06-05-2008

hi
same config 2600 with 2500 switch mac-based authentication config
cenk
---------------------------------------------
Specify the format of the MAC address; must match what was configured on the RADIUS serverâ Switch(config)# aaa port-access mac-based addr-format â ¢Specify port under MAC authcontrol â Switch(config)#aaa port-access mac-based [e]

Additional MAC-authport parameters:-Allows client moves between the specified ports under MAC authcontrol without requiring a reauthentication:-aaa port-access web-based [e] < port-list> [auth-vid ]] no] aaa port-access mac-based [e] < port-list > [addr-moves]-Specifiesthe period, in seconds, that the switch enforces for an implicit logoff:-aaa port-access mac-based [e] < port-list > [logoff-period] <60-9999999>]-Forcesa reauthentication of all attached clients on the port:-aaa port-access mac-based [e] < port-list > [reauthenticate]-Specifies the period, in seconds, the switch waits for a serverresponse to an authentication request:-aaa port-access mac-based [e] < port-list > [server-timeout <1 -300>] -Specifies the VLAN to use for a client that fails authentication. If unauth-vid is 0, no VLAN changes occur.-aaa port-access mac-based [e] < port-list > [unauth-vid]

cenk

cenk sasmaztin · ‎06-05-2008

SORRY..!
I think you switch 2510 because you have swich 2524

please see link in(page38) ;for 2524 switch mac-authentication configuration info

http://cdn.procurve.com/training/Manuals/2300-2500-RelNotes-F0565-59903102.pdf

cenk

Matt Hobbs · ‎06-05-2008

There is no web or mac auth on the 2500 switches. You'll need to upgrade or use 802.1X.

cenk sasmaztin · ‎06-05-2008

for mac based authentication on 2524 switch you make 802.1x and port security config please see above link in guide

cenk

cenk

Nazzareno Taborgna · ‎06-06-2008

Sorry, but I didn'find any configuration example in the link that you point
for 802.1x, perhaps it may be something like

aaa authen port-acc eap-radius

I would like to avoid a lot of tries...

the manuals tell that the switch can do 802.1x,
ok, but should show how configure it too...
Thanks, bye.

cenk sasmaztin · ‎06-06-2008

hi port security and 802.1x configuration best way mac authentication on 2524 switch

frist config port security on switch

config)# port-security 1-20 learn-mode static address-limit 1 action send-disable

port security operation stand alone very succesful mac authentiation operation because use with 802.1x very very good.

secont config 802.1x on 2524

(config)#radius-server host 100.100.100.80 key procurve
config)#aaa authentication port-access eap-radius
config)#aaa accounting network start-stop radius

config)aaa port-access authenticator 1-20 control auto

config)#aaa port access authenticator active

cenk

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: radius mac-based auth on 2524?

radius mac-based auth on 2524?