Web and Unmanaged
cancel
Showing results for 
Search instead for 
Did you mean: 

HP 1910-48 RADIUS (NPS) Permisions Issue

 
Emithez
Occasional Advisor

HP 1910-48 RADIUS (NPS) Permisions Issue

Let's try this again with more detail. I am attempting to get RADIUS to fully function on an HP 1910-48 switch (Legacy 3COM). I can get logged into the switch with my current radius settings, however when I log in I have what appears to be diagnostics only permissions. I can Ping, Trace Route and that's about it, I cannot view any tabs on the switch GUI interface (I have also tried telnet and SSH just to see if it was a GUI issue). I know the RADIUS settings on the switch must be accurate due to the fact that I can log into the switch using admin RADIUS credentials (however, when the RADIUS settings are enabled I cannot log in using local credentials even though the AAA settings call for local login as the backup). The RADIUS server is Windows 2012 R2 (NPS).

My RADIUS/AAA settings for the switch are in the images below along with my NPS settings. I believe the issue boils down to a "Vendor-Specific" setting on the RADIUS server side. Since this is a legacy 3COM switch would I use 3COM or HP vendor codes (11 or 43). I have tried both. Then I need the vendor assigned attribute number. I have looked at the 91 vendor attribute numbers in the user manual and no matter which attribute I try I still have the same issue. FInally the attribute number needs a value and I have tried 1-3, administrative, management, Cisco commands, everything I can think of.

Apparently a lot of people have this issue but I cannot seem to ever find the solution when they post. Does anyone have any information on this?

Radius 1.jpg

Radius 2.jpg

AAA 1.jpgAAA 2.jpgAAA 3.jpgNPS 1.jpgNPS 2.jpgNPS 3.jpgNPS 4.jpgNPS 5.jpg

 

2 REPLIES
Dennis Handly
Acclaimed Contributor

Re: HP 1910-48 RADIUS (NPS) Permisions Issue

svarttjern
Collector

Re: HP 1910-48 RADIUS (NPS) Permisions Issue

Hi Emithez 

Edit: I might jumped to quick into this reply. I see your switch is a 1910 series and not a 1920 series. I hope you manage to solve this issue.

I managed to solve this on my 1920-8G switch. 

I had to create my NPS policy like this. I found this information in an old 3Com guide. Follow this link to see the guide: http://community.hpe.com/hpeb/attachments/hpeb/switching-a-series-forum/3657/1/Auth_3Com%20Radius%20Setup%2020071106.pdf

010600000001 = monitor access

010600000002 = manager access

010600000003 = admin access

nps2.pngnps3.png

nps4.png