- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- HPE Aruba Networking & ProVision-based
- >
- Re: RADIUS auth on OfficeConnect 1950 switch
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-15-2020 10:49 AM
12-15-2020 10:49 AM
RADIUS auth on OfficeConnect 1950 switch
I have RADIUS authentication for web and ssh working on about 20 ArubaOS switches.
But now I have this one-off OfficeConnect 1950 switch. I did all my Aruba configs through the cli but the cli on this thing is a nightmare, so I'm fumbling through the web interface.
I've gone into Security -> Radius and configured a RADIUS scheme with my 2 radius servers defined.
Then I went into Security -> ISP Domains and configure Authentication, Authorization and Accounting to use the Radius scheme. Everything is set to Active.
But attempting to login with my AD credentials just gives an error in the log: Authentication failed for <user> from <IP address> port 63284 because of invalid username or wrong password . There is nothing logged on the NPS server.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-17-2020 02:37 PM
12-17-2020 02:37 PM
Re: RADIUS auth on OfficeConnect 1950 switch
Hi,
Is switch reachable to radius server?
Can you share GUI snapshots used to configure radius scheme?
Thanks!


- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-21-2020 11:51 AM - edited 12-21-2020 11:57 AM
12-21-2020 11:51 AM - edited 12-21-2020 11:57 AM
Re: RADIUS auth on OfficeConnect 1950 switch
Yes the RADIUS servers are reachable, the switch is in the same subnet as the rest of my switches which are working.
The key will not stay whether I put it in the same line as the IP or in the box for shared key underneath each section, I don't know which is the correct place to put the preshared key.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-20-2021 06:57 AM
01-20-2021 06:57 AM
Re: RADIUS auth on OfficeConnect 1950 switch
Bueller?

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-11-2021 01:59 PM
02-11-2021 01:59 PM
Re: RADIUS auth on OfficeConnect 1950 switch
I guess the answer is don't buy these junk switches.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-11-2021 04:46 PM
02-11-2021 04:46 PM
Re: RADIUS auth on OfficeConnect 1950 switch
Hello,
Apologies, missed your post.
Second snapshot is not clear which you have shared earlier.
Can you check below HPE 1950 user manual pg.165:
https://support.hpe.com/hpesc/public/docDisplay?docId=c04657809
Thanks!


- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-16-2021 06:41 AM
02-16-2021 06:41 AM
Re: RADIUS auth on OfficeConnect 1950 switch
There is no page 165. Page 65 is about PKI, which I'm not trying to configure at this point. I'm simply trying to be able to login to the switch's web interface or SSH using our AD credentials. I have RADIUS working, and I'm doing this on 20+ Aruba switches by simply issuing the following commands:
radius-server host 10.1.1.7 key "asdfasdfasdfasdf"
radius-server host 10.2.1.7 key "asdfasdfasdfasdf"radius-server timeout 3
radius-server retransmit 1
aaa authentication login privilege-mode
aaa authentication ssh login peap-mschapv2 local
aaa authentication ssh enable peap-mschapv2 local
aaa authentication web login peap-mschapv2 local
aaa authentication web enable peap-mschapv2 local
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-16-2021 03:08 PM - edited 02-16-2021 03:33 PM
02-16-2021 03:08 PM - edited 02-16-2021 03:33 PM
Re: RADIUS auth on OfficeConnect 1950 switch
Hello,
I apoloies for typo, the pg no is 123.
This switch has limitations.
As a part of troubleshooting can you go to Security > Authentication > ISP Domains and select your domain and select all 'Login', 'LAN Access' & 'Portal' and add radius1 scheme.
Authenticate all 802.1X users who access the switch through that interface in ISP domain.
Security > Access Control > 802.1x.
Go to Advanced settings page for the interface, set the port auhorization state to Auto and set the mandatory ISP domain to your ISP domain name.
Hopefully it will help you.
Thanks!


- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-03-2021 08:09 AM
03-03-2021 08:09 AM
Re: RADIUS auth on OfficeConnect 1950 switch
Now that link doesn't work.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-03-2021 08:26 AM
03-03-2021 08:26 AM
Re: RADIUS auth on OfficeConnect 1950 switch
I went to Security -> ISP Domains, select my domain, Login was already checked. I checked Portal and checked RADIUS and Local in each category.
I'm pretty sure I don't want to select LAN, I haven't said anything about using 802.1x auth for LAN access and I'm not ready to take down the network at this moment.
Nothing changed when logging into the switch. My domain credentials don't work, and the logs on the 1950 just say Login failed for user: <username> there is no mention of trying to contact a RADIUS server.
Only the local admin users continues to work.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-03-2021 03:11 PM
03-03-2021 03:11 PM
Re: RADIUS auth on OfficeConnect 1950 switch
Hello,
In this case requesting you to log a case with support.
This issue requires support intervention.
Thanks!
