This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

802.1x authentication

802.1x authentication

muthu_naganatha
New Contributor

‎08-29-2017 04:55 AM

Hi Team,

I need to configure the 802.1X authentication in Summit X440 -24p-10g switch.

I have NPS server in our environment .

Server details :- Ip address 192.168.1.74

Subnet :- 255.255.255.0

Gateway :- 192.168.1.1

Switch details :- Vlan 1 Ip address :- 192.168.1.4

Kindly provide setup by step command based on this Ip details .

In NPS already working and I configured so not required NPS document only I required what I need to configure in switch level with proper command.




0 Kudos
11 REPLIES 11

Ariyakudi_Srini
Extreme Employee

‎08-29-2017 05:20 AM

Hi Muthu,

And the client-ip is the IP of the switch.

Below is a sample configuration for your reference,
The following example configures the primary RADIUS server on host radius1 using the default UDP port (1812) for use by the RADIUS client on switch 10.10.20.30 using a virtual router interface of VRDefault:

#configure radius primary server radius1 client-ip 10.10.20.30 vr vr-Default

0 Kudos

Andrew_Imam
Extreme Employee

‎08-29-2017 05:18 AM

Hi Muthu,

If you are not using the MGMT VLAN to connect to your RADIUS Server, please replace the vr VR-MGMT with vr VR-Default in the command you listed. Please let us know if you have any other questions.
Thank you.

Best regards,
Andrew
0 Kudos

muthu_naganatha
New Contributor

‎08-29-2017 05:14 AM

Hi ,

I am not understanding what is the client-ip ?
  • configure radius netlogin primary server client-ip
Regards
N.Muthu

0 Kudos

dflouret
Extreme Employee
In response to muthu_naganatha

‎08-29-2017 05:14 AM

Naganathan, any station that wants to communicate to a Radius server must be registered as a client in the Radius server. And for every client, the Radius server will have a shared secret (think of it as a password) to validate that the client i the correct one.

So, you will need two enter commands in the switch:
configure radius netlogin primary server 192.168.1.74 client-ip 192.168.1.4 vr "VR-Default"
configure radius netlogin primary shared-secret "mysecret" (you can select a different one...)
And then you will need to add the switch as a client in NPS.

I nthe Windows server open NPS, open Radius Clients and Servers, select RADIUS Clients, right-click and select New:

15957071ab2d4a459cd24870e0ae1b9f_11622-1dnnlpv_inline.png



In the New RADIUS Client form input the switch address (192.168.1.4) in the Address field. Then enter the shared secret (mysecret, or whatever you chose in the previous command) in the Shared Secret and Confirm Shared Secret fields. Press OK to save. The new client should appear in the clients list.

15957071ab2d4a459cd24870e0ae1b9f_18601-1jtbgny_inline.png



Now the switch and the Radius server are ready to talk to each other.

0 Kudos

muthu_naganatha
New Contributor

‎08-29-2017 05:13 AM

Hi ,

While execute the command i am getting error message.
X440-24p-10G.12 # configure radius netlogin primary server 1812 client-ip 192.168.1.4 vr "VR-Mgmt"
Error: IP address 192.168.1.4 is not configured in virtual router "VR-Mgmt".

Regards.
Muthu
0 Kudos
GTM-P2G8KFN