This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

extreme radius reauth

extreme radius reauth

sebd44
New Contributor

‎01-08-2019 01:05 PM

hello all, i hope you can help me
i'm working with extreme switch x440-24t and a cisco ise device, everything is working well, but in the posture phase the switch doesnt accept a radius reauthentication to move from from one vlan to another and then finally the result is going to be that in the ise device it's going to end up in another rule

i followed this guide to do it:
https://community.cisco.com/t5/security-documents/ise-2-4-posture-using-snmp-coa-with-extreme-switches/ta-p/3641460

and finally the only way to send radius attributes is to be via coa snmp?
0 Kudos
2 REPLIES 2

sebd44
New Contributor

‎01-10-2019 01:07 PM

Hi Peter, we are running about 15 and 16 version there are really old images
i think i will not be able to do it, i will make the upgrade to make it in that way


Current State: OPERATIONAL
Image Selected: secondary
Image Booted: secondary
Primary ver: 15.2.2.7
Secondary ver: 16.2.5.4
patch1-7


and finally for web auth, with is line of config should i send web auth from a nac server to a client connected to port 23-24 from the extreme switch, or should i need a ios images or i'm missing some commands



enable netlogin dot1x mac web-based
configure netlogin authentication protocol-order mac dot1x web-based
enable netlogin ports 23-24 web-based
configure netlogin base-url "srv-nac.domain.com"
configure netlogin redirect-page "https://google.com"
enable netlogin reauthenticate-on-refresh


enable web http
enable web https
configure ssl certificate hash-algorithm sha512
configure dns-client add name-server 1.1.1.1 vr VR-Default
configure dns-client add domain-suffix domain.com

i followed this guide

https://community.extremenetworks.com/aaa-radius-230508/netlogin-web-based-example-6733869



https://www.dropbox.com/s/dnhja1paz9f4m7g/SVC%20Tech%20NI%20Tech%20Guide%20Switch%20Netlogin%20Web%20Auth%20v1.pdf?dl=0



please can you tell me if i need to make an upgrade to the switch?
0 Kudos

PeterK
Contributor III

‎01-10-2019 08:11 AM

have you checked this:?
https://gtacknowledge.extremenetworks.com/articles/Q_A/Is-the-Change-of-Authorization-feature-available-in-EXOS/?q=xos+coa&l=en_US&fs=Search&pn=1
0 Kudos
GTM-P2G8KFN