HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
Web and Unmanaged
cancel
Showing results for 
Search instead for 
Did you mean: 

802.1x on HP switch

 
chingrc
Occasional Visitor

802.1x on HP switch

Dear ALL,

 

I'm configuring 802.1x on HP procurve V1910 switch following the HP configuration guide but  clients  fails to authenticate NPS server (WS 2012).  I  has been configing with other Cisco 2960 and HP 2620, both worked without any problem. I have 2  HPv1910 switches and both have the same issue.

On NPS server's log i got error event ID 13: "A RADIUS message was received from the invalid RADIUS client IP address xxx1"

 

Here is the switch config which i extracted main parts:

 

domain default enable system
#
ip ttl-expires enable
#
dot1x
dot1x authentication-method eap
#
password-recovery enable
#
vlan 1
#
vlan 50
#
vlan 60

#
vlan 81
#
radius scheme system
server-type extended
primary authentication  xxx1
primary accounting  xxx1
key authentication cipher $c$3$4IF6hoCQIHbz8cxRpCzqh7ROM0ITkcTY2M0daszn7/Ic
key accounting cipher $c$3$aAj7S8b+d3Yxx1ncQU+6CSuekiAFklUxQ9C4BusqY5ou
security-policy-server xxx1
timer response-timeout 5
user-name-format without-domain
nas-ip xxx.2

# switch-ip
retry 5
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
#
local-user admin
password cipher $c$3$6D7SFA/cDC+o9YomMrhinWX+/tFAOkgNBA==
authorization-attribute level 3
service-type ssh telnet terminal
service-type ftp
service-type web
#
stp mode rstp
stp enable

 

...

interface GigabitEthernet1/0/5
port access vlan 1
stp edged-port enable
dot1x re-authenticate
dot1x guest-vlan 81
dot1x auth-fail vlan 81
dot1x port-method portbased
dot1x port-control auto
dot1x

...

 

 

#
ssh server enable
#
user-interface aux 0
authentication-mode scheme
user-interface vty 0
authentication-mode none
user privilege level 2
idle-timeout 2 0
protocol inbound telnet
user-interface vty 1 15
authentication-mode scheme

 

 

I tried to upgrade firmware but i suppose it wasn't the cause (current firmware version 5.20 Release 1513P85).  Any help would be appreciated!

 

Thanks guy!

 

 

P.S. This thread has been moved from HP Networking to Web and Unmanaged. - Hp Forum Moderator

 

 

 

3 REPLIES
chingrc
Occasional Visitor

Re: 802.1x on HP switch

What's wrong with my post, it is a security issue but moved to Web and unmanaged category ?

chingrc
Occasional Visitor

Re: 802.1x on HP switch

So there is no support from HP in my case ?

Re: 802.1x on HP switch

>So there is no support from HP in my case?

 

This is a peer to peer forum, not an official HP support site.
Have you tried contacting the HPSC?
http://www.hp.com/go/hpsc