Web and Unmanaged
1748233 Members
3518 Online
108759 Solutions
New Discussion

802.1X (On windows Server 2012 R2 with NPS) + V1910

 
Micronas
New Member

802.1X (On windows Server 2012 R2 with NPS) + V1910

Hi guys!

I am facing a strange problem since two last weeks and I can't find a solution.

I have configured on server with Windows Server 2012 R2 with NPS configured to aceppt machines from AD Domain, I used this same configuration with others switches (from other brands) and this worked properly.

The problem is, when I set this with V1910, the client workstation shows an erro message "Authentication Failed", in log of Radius I can see the authentication requests. On the HP V1910 I see in the log some errors: (AUTH FAILED).

I believe that is a problem with Switch configuration, some config that I forgot, see below my configuration (at this time I am using the port 21 to test 802.1x). Can you help me? Any hint or idea?

Thank You a lot!

#
version 5.20, Release 1516P03
#
sysname SW01
#
domain default enable system
#
ip ttl-expires enable
#
dot1x
dot1x retry 3
dot1x authentication-method eap
#
undo ip http enable
#
web idle-timeout 3
#
password-recovery enable
#
vlan 1
description LAN
#
vlan 2
description ITAU
#
radius scheme system
server-type extended
primary authentication 192.168.10.155
primary accounting 192.168.10.155
key authentication cipher $c$3$Us0BJyIl6AHI9FcsSAmv/agyISm+0n8/
key accounting cipher $c$3$LvB4ORns8PbD6ZLPTj+miRnRh8BgJgZy
security-policy-server 192.168.10.155
#
domain system
authentication lan-access radius-scheme system
authorization lan-access radius-scheme system
accounting lan-access radius-scheme system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
#
local-user admswhp
password hash cipher $h$6$i6KqYTD4XOF8dFNT$UUNFFIp9XCw54oS8nK/98r+Ea3M8mcL0MWcx9yzmL+AF+8UpNo1u5GnjNHM3GyHRpm0JSp14e+lT+1+gJkN/qw==
authorization-attribute level 3
service-type telnet terminal
service-type ftp
service-type web
#
stp mode rstp
stp enable
#
interface Bridge-Aggregation1
#
interface Bridge-Aggregation2
#
interface NULL0
#
interface Vlan-interface1
ip address 192.168.1.60 255.255.255.0
#
interface Vlan-interface2
ip address 192.168.10.60 255.255.255.0
#
interface GigabitEthernet1/0/1
stp edged-port enable
#
interface GigabitEthernet1/0/2
stp edged-port enable
#
interface GigabitEthernet1/0/3
stp edged-port enable
#
interface GigabitEthernet1/0/4
stp edged-port enable
#
interface GigabitEthernet1/0/5
stp edged-port enable
#
interface GigabitEthernet1/0/6
stp edged-port enable
#
interface GigabitEthernet1/0/7
stp edged-port enable
#
interface GigabitEthernet1/0/8
stp edged-port enable
#
interface GigabitEthernet1/0/9
stp edged-port enable
#
interface GigabitEthernet1/0/10
stp edged-port enable
#
interface GigabitEthernet1/0/11
stp edged-port enable
#
interface GigabitEthernet1/0/12
stp edged-port enable
#
interface GigabitEthernet1/0/13
stp edged-port enable
#
interface GigabitEthernet1/0/14
stp edged-port enable
#
interface GigabitEthernet1/0/15
stp edged-port enable
#
interface GigabitEthernet1/0/16
stp edged-port enable
#
interface GigabitEthernet1/0/17
stp edged-port enable
#
interface GigabitEthernet1/0/18
stp edged-port enable
#
interface GigabitEthernet1/0/19
port access vlan 2
stp edged-port enable
#
interface GigabitEthernet1/0/20
port access vlan 2
stp edged-port enable
#
interface GigabitEthernet1/0/21
port access vlan 2
speed auto 10 100 1000
stp edged-port enable
undo ntdp enable
mac-address max-mac-count 1
dot1x re-authenticate
undo dot1x multicast-trigger
dot1x
#
interface GigabitEthernet1/0/22
port access vlan 2
stp edged-port enable
#
interface GigabitEthernet1/0/23
port access vlan 2
stp edged-port enable
#
interface GigabitEthernet1/0/24
port access vlan 2
stp edged-port enable
#
interface GigabitEthernet1/0/25
stp edged-port enable
port link-aggregation group 1
#
interface GigabitEthernet1/0/26
stp edged-port enable
port link-aggregation group 1
#
interface GigabitEthernet1/0/27
stp edged-port enable
port link-aggregation group 2
#
interface GigabitEthernet1/0/28
stp edged-port enable
port link-aggregation group 2
#
ssh server enable
#
ip https enable
#
user-interface aux 0
authentication-mode scheme
user-interface vty 0 15
authentication-mode scheme
#
return