cancel
Showing results for 
Search instead for 
Did you mean: 

802.1x authentication

802.1x authentication

muthu_naganatha
New Contributor
Hi Team,

I need to configure the 802.1X authentication in Summit X440 -24p-10g switch.

I have NPS server in our environment .

Server details :- Ip address 192.168.1.74

Subnet :- 255.255.255.0

Gateway :- 192.168.1.1

Switch details :- Vlan 1 Ip address :- 192.168.1.4

Kindly provide setup by step command based on this Ip details .

In NPS already working and I configured so not required NPS document only I required what I need to configure in switch level with proper command.




11 REPLIES 11

Ariyakudi_Srini
New Contributor
Hi Muthu,

And the client-ip is the IP of the switch.

Below is a sample configuration for your reference,
The following example configures the primary RADIUS server on host radius1 using the default UDP port (1812) for use by the RADIUS client on switch 10.10.20.30 using a virtual router interface of VRDefault:

#configure radius primary server radius1 client-ip 10.10.20.30 vr vr-Default

Andrew_Imam
New Contributor
Hi Muthu,

If you are not using the MGMT VLAN to connect to your RADIUS Server, please replace the vr VR-MGMT with vr VR-Default in the command you listed. Please let us know if you have any other questions.
Thank you.

Best regards,
Andrew

muthu_naganatha
New Contributor
Hi ,

I am not understanding what is the client-ip ?
  • configure radius netlogin primary server client-ip
Regards
N.Muthu

Naganathan, any station that wants to communicate to a Radius server must be registered as a client in the Radius server. And for every client, the Radius server will have a shared secret (think of it as a password) to validate that the client i the correct one.

So, you will need two enter commands in the switch:
configure radius netlogin primary server 192.168.1.74 client-ip 192.168.1.4 vr "VR-Default"
configure radius netlogin primary shared-secret "mysecret" (you can select a different one...)
And then you will need to add the switch as a client in NPS.

I nthe Windows server open NPS, open Radius Clients and Servers, select RADIUS Clients, right-click and select New:

15957071ab2d4a459cd24870e0ae1b9f_11622-1dnnlpv_inline.png



In the New RADIUS Client form input the switch address (192.168.1.4) in the Address field. Then enter the shared secret (mysecret, or whatever you chose in the previous command) in the Shared Secret and Confirm Shared Secret fields. Press OK to save. The new client should appear in the clients list.

15957071ab2d4a459cd24870e0ae1b9f_18601-1jtbgny_inline.png



Now the switch and the Radius server are ready to talk to each other.

muthu_naganatha
New Contributor
Hi ,

While execute the command i am getting error message.
X440-24p-10G.12 # configure radius netlogin primary server 1812 client-ip 192.168.1.4 vr "VR-Mgmt"
Error: IP address 192.168.1.4 is not configured in virtual router "VR-Mgmt".

Regards.
Muthu
GTM-P2G8KFN