- Community Home
- >
- Networking
- >
- Security e-Series
- >
- 802.1x configuration - cannot authenticate to Micr...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-12-2016 12:29 PM
10-12-2016 12:29 PM
802.1x configuration - cannot authenticate to Microsoft NPS
Setting up initial dot1x configuration on HP 5500 HI - Comware vers 5.20.99
Problem is that cannot get user PC to authenticate using EAP to Microsoft NPS. I do NOT see EAPoL or Radius packets hitting the NPS from the switch. I can SSH to the switch using radius authentication, so I know the radius config on the switch is working.
Error in switch log: 8021X/6/DOT1X_AUTH_FAILURE:
Port config
port link-mode bridge
port access vlan 144
undo voice vlan mode auto
broadcast-suppression pps 3000
undo jumboframe enable
lldp compliance admin-status cdp txrx
qos trust dot1p
undo dot1x handshake
dot1x mandatory-domain tos.x.x.x.x
dot1x port-method portbased
dot1x
dot1x eapol untag
Port dot1x config
Equipment 802.1X protocol is enabled
EAP authentication is enabled
EAD quick deploy is disabled
Configuration: Transmit Period 30 s, Handshake Period 15 s
Quiet Period 60 s, Quiet Period Timer is disabled
Supp Timeout 30 s, Server Timeout 100 s
Reauth Period 3600 s
The maximal retransmitting times 2
EAD quick deploy configuration:
EAD timeout: 30 m
The maximum 802.1X user resource number is 2048 per slot
Total current used 802.1X resource number is 0
GigabitEthernet1/0/19 is link-up
802.1X protocol is enabled
Handshake is disabled
Handshake secure is disabled
802.1X unicast-trigger is disabled
802.1X user-ip freeze is disabled
Periodic reauthentication is disabled
The port is an authenticator
Authentication Mode is Auto
Port Control Type is Port-based
802.1X Multicast-trigger is enabled
Mandatory authentication domain: tosx.x.x.x
Guest VLAN: NOT configured
Auth-Fail VLAN: NOT configured
Critical VLAN: NOT configured
Critical recovery-action: NOT configured
Voice VLAN: NOT configured
Global dot1x config
Equipment 802.1X protocol is enabled
EAP authentication is enabled
I would like someone to verify my switch configuration and let me know if there a problem with it. Also any troubleshooting steps I can take to help isolate the problem. Thanks