This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

how to configure dot1x on ExtremSwtich ?

how to configure dot1x on ExtremSwtich ?

Anonymous
Not applicable

‎04-16-2022 09:18 PM

Hello, I am new on ExtremSwitch and am trying to build a port based authentication with Freeradius.
  • And i need your confirmation please about my steps for configuring the Extrem switch as authenticator

This is my Lab Schematic:
df3c3976031a457aa3515ba2f933e491.png
This is my switch config that i need your confirmation for it: (is it correct ?)
create vlan purgatory
configure netlogin vlan purgatory
enable netlogin dot1x
enable netlogin ports 1 dot1x
configure netlogin ports 1 mode port-based-vlans
configure netlogin ports 1 restart
configure vlan A ipaddress 192.168.1.1/24
configure radius netlogin primary server 192.168.1.2 1812 client-ip 192.168.1.1 vr "VR-Default"
configure radius netlogin primary shared-secret ilovesecret
enable radius netlogin

on the radius side (MD5 authentication) i created a :
client switch {
ipv4add = 192.168.1.1
secret = ilovesecret
}

on my kali side i just enable port based authentication from the network setting but am not sure is that enough ?
8cf7f96281924a3385a96c1edee06813.png
50e539cd25fa4f8a8fc04471af56d54b.png

when i send request with radclient, my kali not authenticated on the switch  ? do i miss something in my config ?
e92a9cec87ea4787bf2ec78b709f9b55.png
e792650be9c84fb3b08c0319b3adde7b.png

I hope if i detailed my lab and config well , i will be waiting your answers please, thx
0 Kudos
2 REPLIES 2

Anonymous
Not applicable

‎04-19-2022 12:03 PM

can we get some reply on my question or not ?
0 Kudos

Ty_Izzet
Extreme Employee
In response to Anonymous

‎04-19-2022 04:23 PM

Hello,

Could you check the 'show log' output for any 802.1x messages to see whether there are any failures or authentication attempts? The following article could be used as a guideline to compare the configuration for 802.1x: https://extremeportal.force.com/ExtrArticleDetail?an=000081809&q=802.1x%20nps

Running a packet capture on the switch, client, and server may be ideal to see whether there any request and responses and help isolate if the EAPOL packets are being sent received.

0 Kudos
GTM-P2G8KFN