Web and Unmanaged
Showing results for 
Search instead for 
Did you mean: 

HP 1910 Lan Auth with Radius

Occasional Visitor

HP 1910 Lan Auth with Radius



I’m having a hard time getting Lan authentication working. I currently have a radius server setup where I use it to authenticate VPN, wifi and port security. I cant seem to get it working with my HPE 1910’s.

I can see from my NPS logs that its communicating but it failing.





-IfName=GigabitEthernet1/0/13-UserName=host/SAdjei-HP.ONSITERIS.com; DOT1X authentication failed.


I really want to avoid using mac address if possible.


radius scheme system

server-type extended

primary authentication

key authentication cipher xxxxxxxxxx


user-name-format without-domain

radius scheme mydomainname

server-type extended

primary authentication

primary accounting

secondary authentication

secondary accounting

key authentication cipher xxxxxxxxxxxxxxx

key accounting cipher xxxxxxxxxxxxxxxxx

user-name-format keep-original


accounting-on enable

interface GigabitEthernet1/0/13

stp edged-port enable

dot1x max-user 2

dot1x guest-vlan 10

dot1x mandatory-domain onsiteris

dot1x port-method portbased


Occasional Visitor

Re: HP 1910 Lan Auth with Radius

I only have one port setup to use dot1x for testing


GigabitEthernet1/0/13  is link-down
   802.1X protocol is enabled
   Handshake is enabled
   Handshake secure is disabled
   802.1X unicast-trigger is disabled
   Periodic reauthentication is disabled
   The port is an authenticator
   Authentication Mode is Force-Authorized
   Port Control Type is Port-based
   802.1X Multicast-trigger is enabled
   Mandatory authentication domain: onsiteris
   Guest VLAN: 10
   Auth-Fail VLAN: NOT configured
   Critical VLAN: NOT configured
   Critical recovery-action: NOT configured
   Max number of on-line users is 2

   EAPOL Packet: Tx 2663, Rx 836
   Sent EAP Request/Identity Packets : 2312
        EAP Request/Challenge Packets: 94
        EAP Success Packets: 28, Fail Packets: 89
   Received EAPOL Start Packets : 400
            EAPOL LogOff Packets: 0
            EAP Response/Identity Packets : 202
            EAP Response/Challenge Packets: 140
            Error Packets: 0

Ian Vaughan
Honored Contributor

Re: HP 1910 Lan Auth with Radius

If I remember correctly:

"undo dot1x handshake" is recommended whrn you are using Windows NPS as your RADIUS server of choice.

I also have "undo dot1x multicast-trigger" but the sample (working) port config I have is from a 5130ei rather than a 1910.

Have you managed to enable full CLI access to the 1910 or are you able to drive this through the web GUI?

Hope that helps - please click "Thumbs up" for Kudos if it does
## ---------------------------------------------------------------------------##
Which is the only cheese that is made backwards?
Tweets: @2techie4me