HPE Community
Communications and Wireless
1850624 Members
3017 Online
104054 Solutions
New Discussion

Re: 802.1x LAN issues

 
Gideon Kay
New Member

‎06-07-2006 12:46 AM

‎06-07-2006 12:46 AM

802.1x LAN issues

Hi All,

I have setup a test switch with the 802.1x port based authentication based on the advanced security manual. We have both a functioning RADIUS (Used for wireless without issues) and certificate infratsructure. Despite purchasing a brand new switch for testing authentication fails and nothing appears in the log files on the IAS server. If I chage the ip of teh readius client to an incorrect one I get an error saying as such so that part seems to be fine. I have even tried lowering the MTU. Any advise would be very helpfull

Gideon
0 Kudos
3 REPLIES 3
Matt Hobbs
Honored Contributor

‎06-07-2006 01:47 AM

‎06-07-2006 01:47 AM

Re: 802.1x LAN issues

Make sure you have these few lines:

aaa authentication port-access eap-radius
radius-server host
aaa port-access authenticator
aaa port-access authenticator active

If still not having any luck, please attach your running config here.

Don't forget to assign points to posts that have helped you.
0 Kudos
Gideon Kay
New Member

‎06-07-2006 02:16 AM

‎06-07-2006 02:16 AM

Re: 802.1x LAN issues

Hi ,

Thanks for the reply. Those are in place. The ineteresting fact I have now noticed is that some users work fine, others not. It seems to be an IAS issue as when there is a failure/ success IAS logs this yet some logins just sit there with no IAS response

Gideon
0 Kudos
MsE
Advisor

‎07-05-2006 12:26 AM

‎07-05-2006 12:26 AM

Re: 802.1x LAN issues

Did you check the dial-in properties in AD users and groups? It should be set to the option that says that remote access policies will decide whether to grant or deny access.
You can even tell the IAS to completely ignore the users' dial-in settings so it's all up to the ras policies. You can find that info in MS's TechNet.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.