- Community Home
- >
- Networking
- >
- Security e-Series
- >
- Re: Dot1x - with 3COM 4210
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-07-2011 06:41 AM
12-07-2011 06:41 AM
Dot1x - with 3COM 4210
Hi all,
pls help with issue bellow.
I need to setup port-based authenticatoin 802.1x with RADIUS server / Microsoft NPS 2008 / - After my configuration seem everything fine only 3com tell me Failed auth. and end user dont connect to the VLAN1 and stay in unauth state :(
1. 3Com CFG configuration
domain default enable system
dot1x
dot1x authentication-method eap
radius scheme system
server-type standard
primary authentication 172.16.5.19 key secret
domain system
scheme radius-scheme system
scheme login local
authentication lan-access radius-scheme system
authorization login local
interface Ethernet1/0/4
stp edged-port enable
loopback-detection enable
dot1x
di dot1x - command
Ethernet1/0/4 is link-up
802.1X protocol is enabled
Proxy trap checker is disabled
Proxy logoff checker is disabled
Version-Check is disabled
The port is an authenticator
Authentication Mode is Auto
Port Control Type is Mac-based
ReAuthenticate is disabled
Max number of on-line users is 256
Authentication Success: 0, Failed: 49
EAPOL Packets: Tx 369, Rx 393
Sent EAP Request/Identity Packets : 113
EAP Request/Challenge Packets: 0
Received EAPOL Start Packets : 136
EAPOL LogOff Packets: 0
EAP Response/Identity Packets : 257
EAP Response/Challenge Packets: 0
Error Packets: 0
1. Unauthenticated user : MAC address: 001f-29d7-70d4
Network Monitor 3.4 on NPS server
Everything look fine :(
NPS 2008 server
Is there some specail vendor specific for 3COMs? Or could anybody help me with that?
Thank you all for reply
Jan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-01-2012 03:14 AM - edited 03-01-2012 03:15 AM
03-01-2012 03:14 AM - edited 03-01-2012 03:15 AM
Re: Dot1x - with 3COM 4210
Hi Jan,
generally I would add a new RADIUS scheme for NPS authentication like
radius scheme nps
primary authentication ...
In the domain you have to refer to the scheme and add authorization:
domain <whatever>
authentication lan-access radius-scheme nps
authorization lan-access radius-scheme nps
accounting lan-access radius-scheme nps
...
If you miss the authorization it will not work!
Uli
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-01-2012 03:15 AM
03-01-2012 03:15 AM
Re: Dot1x - with 3COM 4210
Uli