- Community Home
- >
- Networking
- >
- IMC
- >
- Re: dot1x authentication
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-26-2014 02:22 AM
тАО11-26-2014 02:22 AM
dot1x authentication
Hi; I configured IMC with UAM (User Authentication Module) and did managed to add Access Users for device management through Telnet and SSH.
but I need to enable dot1x authentication, so whenever a user connects its computer to switch port, it requests 802.1x authentication to switch and then to IMC. for this yo work, I added an Access User with Access Class and relative Access policies and Access Scenarios; but it did not worked. I enabled 802.1x on a notebook with Win8, but how can I set the authenticating protocol on IMC among various options (PEAP, EAP-TLS, ...). if you have any idea about how to make 802.1x to work, let me know. tnx.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-26-2014 07:48 AM
тАО11-26-2014 07:48 AM
Re: dot1x authentication
really isn't there anybody who have used HP IMC to authenticate users with 802.1x? I think authenticating users with IMC (as a RADIUS server) is one of important roles of IMC. anyway, if every one of you has experienced this, please let me know the details. do I need to install HP iNode on every client PC or I can use Windows built-in mechanism for 802.1x authentication? tnx.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-26-2014 09:36 AM - edited тАО11-26-2014 09:37 AM
тАО11-26-2014 09:36 AM - edited тАО11-26-2014 09:37 AM
Re: dot1x authentication
Yes I'm currently running it with both 802.1x and MAC authentication on every port. Not using inode.
Please review this post further back - 4 or 5 on the list:
Computer account issue in IMC/UAM for 802.1x authentication
in various replies from me, i give explanation and screen shots for pretty much everything you need to do except for switch configuration, including client adapater settings.
Hope it helps
Neil
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-27-2014 03:36 AM - edited тАО11-27-2014 03:39 AM
тАО11-27-2014 03:36 AM - edited тАО11-27-2014 03:39 AM
Re: dot1x authentication
Thanks for your reply. I will test it 4 sure. but for now I want to configure authentication just by the usernames and passwords with IMC local Authentication DB. for this I added the All Access User with relative Scenarios, Policies, etc and enabled the 802.1x on NIC of a client computer which runs Windows 8.1. the switch that I've connected the mentioned client computer is configured for dot1x and is ready to forward authentication requests to IMC. What can be done after this point? do I need to configure any certificate or enable any authentication protocol beyond what I've done up to now? tnx a lot.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-27-2014 09:18 PM
тАО11-27-2014 09:18 PM
Re: dot1x authentication
Otherwise try md5 instead of mschap
I'm not running that local option for windows users
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-27-2014 09:23 PM
тАО11-27-2014 09:23 PM
Re: dot1x authentication
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-28-2014 06:49 AM
тАО11-28-2014 06:49 AM
Re: dot1x authentication
"Automatically Use My Windows Login Name And Password" option is disabled on my computer. I just enabled the "Wired AutoConfig Service" in services console, then on the "Authentication" tab of the NIC Properties, selected the "Microsoft Protected EAP or PEAP" and clicked on the Additional Settings, then selected the "User Authentication" option. but after connecting the port to the switch, nothing happens and I cannot reach the network. what can I do?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-28-2014 02:38 PM
тАО11-28-2014 02:38 PM
Re: dot1x authentication
Sorry I can't help more without setting up a test network and doing the analysis.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-01-2014 04:08 AM
тАО12-01-2014 04:08 AM
Re: dot1x authentication
Hi; I did managed to configure parameters in such a way that no the Username and Password prompt appears while connecting client to the switch port. but despite the username and password are correct, athentication fails with the error message that indicates " Invalid Authentication Type" on IMC . I've configured authentication on IMC Server as following:
Certificate Authentication: EAP
Certificate Type: EAP-PEAP AuthN
Certificate Sub-Type: MS-CHAPV2 AuthN
but I 'm just using the username and password and did not setup any certificate on any system. the IMC sees the login attemp but it seems there are some misconfiguration about authentication methds. besides, I've activated the 802.1x on the client NIC and selected just the "User Authentication" with PEAP ans MS-CHAPv2. any idea?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-01-2014 04:54 PM
тАО12-01-2014 04:54 PM
Re: dot1x authentication
hmm. IMC side looks right.
Based on what you wrote, not sure how you are sending the UAM credentials from the windows client w/o the user & password prompt. Where/how did you configure that?
On the windows client, PEAP settings I would try unchecking validate server certificate, (if you have this checked I think it will try and use the cleint certificate which might explain the error)
then next to authentication method, secured password (eap-mschapv2), press configure button and uncheck send my windows credentials.
This should prompt you on the client for a userid and password, which should be what you configured in UAM, not your windows ID/password. The client can't send them any other way as far as I know, unless you figured out some other method.