How to configure radius authentication for EXOS switch management
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-05-2022 03:28 PM
Hello,
I'm trying to configure A3 as our radius-mgmt server for switch authentication. I found an older article that mentions only Cicso Management Authentications are supported? The EXOS switch is a 440G2 running 31.3.1.3-patch1-10, with radius mgmt-access enabled and correct shared-secret. I enabled 'CLI Access' under the device settings as well. The RADIUS log show 'Auth Rejected' and I'm not sure what step/filter I might be missing.
Any guidance or step-by-step guides you can provide would be great.
Thanks,
Matt
I'm trying to configure A3 as our radius-mgmt server for switch authentication. I found an older article that mentions only Cicso Management Authentications are supported? The EXOS switch is a 440G2 running 31.3.1.3-patch1-10, with radius mgmt-access enabled and correct shared-secret. I enabled 'CLI Access' under the device settings as well. The RADIUS log show 'Auth Rejected' and I'm not sure what step/filter I might be missing.
Any guidance or step-by-step guides you can provide would be great.
Thanks,
Matt
11 REPLIES 11
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-20-2022 02:23 AM
Hi, the connection profile that you hit should have the right auhtentication source added to it.
In my lab a bug was found in the extreme library handling snmp and we can change that file to fix it.
If you open a case with Extreme Networks and ask it to be assigned to me (Oscar Koot) we can check if the same fix helps for you.
In my lab a bug was found in the extreme library handling snmp and we can change that file to fix it.
If you open a case with Extreme Networks and ask it to be assigned to me (Oscar Koot) we can check if the same fix helps for you.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-19-2022 01:56 PM
I upgraded to 4.0 today and re-tested with no luck. I also changed the radius mgmt-access port to 1815.
Do you think a connection profile needs to be setup as well? I noticed the NAS-Port-Type is Virtual and I have no connection profile setup for that type of connection. I do have a separate profile with the connection type set to CLI-Access using my internal AD/LDAP source
Do you think a connection profile needs to be setup as well? I noticed the NAS-Port-Type is Virtual and I have no connection profile setup for that type of connection. I do have a separate profile with the connection type set to CLI-Access using my internal AD/LDAP source
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-13-2022 09:16 AM
One important thing, you need to configure port 1815 for mgmt-access instead of 1812. However in my tests it did not make a difference and I could only authenticate through local A3 users, however I am checking why ldap does not work.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-13-2022 09:01 AM
Thanks for the article. Is it possible to query an internal AD source for the user instead of creating the admin accounts locally?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-12-2022 07:57 AM
I just got it working using local user accounts on A3.
See below article.
https://extremeportal.force.com/ExtrArticleDetail?an=000060486
See below article.
https://extremeportal.force.com/ExtrArticleDetail?an=000060486
