Aruba Switch Radius Auth

Irakli111 · ‎11-01-2021

Hello,

I have configured authentication\authorization on my Aruba Switches via Radius (Cisco ACS). Cisco ACS is integrited with Active Directory.

Problem is:

Local User (User created localy in ACS) can pass Authentication\Authorization, but AD User can't. what is the problem?

Emil_G · ‎11-01-2021

Hello @Irakli111

What is the model and firmware version of your Aruba switches?

What type of authentication are we talking about? Are you using RADIUS to authenticate switch admins logging in via SSH, Telnet and HTTPs?

Or you have configured 802.1x or mac-authentication for end user port-access?

What RADIUS response is receiving the switch when an AD user cannot authenticate? Is it a RADIUS access-accept or access-reject? If the switch is receiving Access-Accept in both cases (with local and AD users) did you compare if there is some difference in the RADIUS attributes?

Any more specific error message in the log of the switch?

If the Cisco ASC is sending an Access-Reject I think you should investigate on the CIsco ASC or AD why they decided to not authenticate the users. The switch is not involved in this decision. The radius server should log a reason for the failing authentication.

If we still have good reason to believe the issue is caused by the switch maybe it would be good if you could provide an example showing how authentication is configured on the switch (after removing potentially sensitive information like IP addresses)

I am an HPE employee

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Aruba Switch Radius Auth

Aruba Switch Radius Auth

Re: Aruba Switch Radius Auth