‎01-28-2024 03:13 AM
Hi,
1.Does 5520 /X440-g2 series switch supports MSCHAPV2 for radius authentication method?
2.if it is supports how to configure it?
Thanks
Solved! Go to Solution.
‎01-29-2024 10:50 AM
Ah! Sorry. Couldn't see anywhere specific in your request on this. Yes it supports MSCHAP V2.
First, you need to specify the RADIUS server that the switch will use for authentication.
configure radius add <RADIUS_Server_IP> <Server_Index> client-ip <Switch_IP> vr VR-Default configure radius <Server_Index> primary
The shared secret is used to encrypt communication between the switch and the RADIUS server.
configure radius <Server_Index> shared-secret <Shared_Secret>
Configure the timeout and retry values to determine how the switch interacts with the RADIUS server.
configure radius <Server_Index> timeout <Timeout_Value> configure radius <Server_Index> retries <Retry_Value>
Tell the switch to use RADIUS authentication for login.
configure radius netlogin primary configure radius mgmt-access primary
While the specific command can depend on the EXOS version, you generally need to ensure that the RADIUS server is configured to use MSCHAPv2 for authentication. This is typically configured on the RADIUS server side.
It's often wise to configure a fallback method, such as local authentication, in case the RADIUS server is unreachable.
configure account admin-password
To ensure that your settings persist after a reboot, save the configuration.
save configuration
‎07-15-2024 07:06 AM
Hi,
As far as I know EXOS doesn't support MSCHAPv2 for MGMT or MAC Auth. Only PAP.
Isn't that correct?
‎07-15-2024 07:06 AM
Hi,
As far as I know EXOS doesn't support MSCHAPv2 for MGMT or MAC Auth. Only PAP.
Isn't that correct?
‎01-29-2024 12:22 AM
Hi,
Thanks for your reply. but my scenario is to authenticate the switch for managing the switch not
Thanks & regards
.
‎01-29-2024 10:50 AM
Ah! Sorry. Couldn't see anywhere specific in your request on this. Yes it supports MSCHAP V2.
First, you need to specify the RADIUS server that the switch will use for authentication.
configure radius add <RADIUS_Server_IP> <Server_Index> client-ip <Switch_IP> vr VR-Default configure radius <Server_Index> primary
The shared secret is used to encrypt communication between the switch and the RADIUS server.
configure radius <Server_Index> shared-secret <Shared_Secret>
Configure the timeout and retry values to determine how the switch interacts with the RADIUS server.
configure radius <Server_Index> timeout <Timeout_Value> configure radius <Server_Index> retries <Retry_Value>
Tell the switch to use RADIUS authentication for login.
configure radius netlogin primary configure radius mgmt-access primary
While the specific command can depend on the EXOS version, you generally need to ensure that the RADIUS server is configured to use MSCHAPv2 for authentication. This is typically configured on the RADIUS server side.
It's often wise to configure a fallback method, such as local authentication, in case the RADIUS server is unreachable.
configure account admin-password
To ensure that your settings persist after a reboot, save the configuration.
save configuration
‎01-29-2024 10:25 PM
Hi Brent,
I am using exos 31.3.1.3.if i am not specifying anything about MSCHAP V2 in switch ,switch will sent request to radius server using unencrypted way such as PAP, etc.Then how radius server will authenticate?
Thanks& Regards
