Switching and Routing
1747984 Members
4669 Online
108756 Solutions
New Discussion

Office connect 1950 radius authentication for web admin

 
johnyeaman
New Member

Office connect 1950 radius authentication for web admin

Hi,

I want to set up radius authentication for the admin portal on a pair of Office Connect 1950s (JH295A). I cant see anywhere to do this in the GUI or is there any example in the user manual.

I assume its possible as the switch support radius so how is this achieved?  

Many thanks

JY

 

1 REPLY 1
Ivan_B
HPE Pro

Re: Office connect 1950 radius authentication for web admin

Hello!

Unfortunately, I couldn't find a document that would describe step-by-step such configuration, but in overall it is possible. If you know how to setup RADIUS authentication for dot1x (and that is described in the guide) you are almost there. The only addition you need to do is to enable Service-type "Login" in the ISP domain and set Authentication, Authorization and Accounting for that Service-type to RADIUS and Local as backup (for accounting set RADIUS and or None, don't use Local). This Service-type "Login" regulates access over Telnet, SSH and Web. Keep in mind that your RADIUS server must return in attribute 'Cisco-AVPair" following string - ' shell:roles="network-admin" ' (without single-quotes) in order the user to be recognized as administrator.

For FreeRADIUS config, that line will be as follows:

Cisco-AVPair = "shell:roles=\"network-admin\""

 

 

I am an HPE employee

Accept or Kudo