Web and Unmanaged
1747993 Members
5191 Online
108756 Solutions
New Discussion

802.1x using client cert 1920 switch ports?

 
Sez
Occasional Visitor

802.1x using client cert 1920 switch ports?

Hi,

Looking to setup some 1920G (i.e. Comware) switches to use 802.1X for switch port auth, with the connecting devices (thin clients) having device cetrificates installed for the auth exchange.

The backend is Microsoft NPS (radius) integrated into a Microsoft enterprise CA setup.

The HP manaual talks about an 'EAP Relay' mode of operation that "supports various EAP authentication methods"

But examples involve username/password type auth and nothing mentioned about client certs etc.

Has anyone got 802.1X switch port security on 1920G working for devices connecting with instlled client certs?

thanks,

Sez

 

2 REPLIES 2
16again
Respected Contributor

Re: 802.1x using client cert 1920 switch ports?

afaik, in authentication phase, the switch just converts EAPoL to/from RADIUS packets, and the switch is unaware of used authentication method (certs or user/pwd) .  So just try configuring the switch according to the example in 1920 manual, and configure PKI,Radius and clients like any example found.

 

Sez
Occasional Visitor

Re: 802.1x using client cert 1920 switch ports?

Thanks

Will give it a go.

Was just trying to see if anyone has a working setup, before doing a PKI + radius setup only to discover some undocumented feature on the switch... :-)

Sez