Authetication SSH Switch HPE 5130 with RADIUS and MFA Microsoft

ClaytonEduardo · ‎03-03-2021

Good morning everyone,

I already have on my network with switches HPE 5130 and 5900 authentication ssh via radius (Windows Server 2012), however, I'm needing to make work the authentication with Microsoft MFA, for windows and Linux is already working, however, when I log on via ssh appears the banner of the switch but soon in the sequence my session is closed.

akg7 · ‎03-03-2021

Hello,

Are you getting any error message when ssh session get closed?

Can you confirm the authentication mode and default user role from config?

Thanks!

I am an HPE Employee

ClaytonEduardo · ‎03-03-2021

Hi,

No error messages, just close.

In Line VTY 0 the authentication mode is scheme and user role is network-operator.

Thanks.

akg7 · ‎03-04-2021

Hello,

Can you try to add like below:

ssh server enable

local-user operator
authorization-attribute user-role level-3
service-type ssh

user-interface vty 0 4
authentication-mode scheme
user-role network-operator

Thanks!

I am an HPE Employee

ClaytonEduardo · 3 weeks ago

Hi, Sorry for the delay, so, using your last solution i had the same problem....But i was able to resolve this issue with the command below:

role default-role enable network-admin

In this way, i have acces with Network Admin and the MFA Microsoft worked, but if I want access Network operator I put the command below:

role default-role enable network-operator

PS.: In the RADIUS Server no changes where needed.

Thanks for your help.

Authetication SSH Switch HPE 5130 with RADIUS and MFA Microsoft

Authetication SSH Switch HPE 5130 with RADIUS and MFA Microsoft

Re: Authetication SSH Switch HPE 5130 with RADIUS and MFA Microsoft

Re: Authetication SSH Switch HPE 5130 with RADIUS and MFA Microsoft

Re: Authetication SSH Switch HPE 5130 with RADIUS and MFA Microsoft

Re: Authetication SSH Switch HPE 5130 with RADIUS and MFA Microsoft

Hewlett Packard Enterprise International