This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Extreme Networks
- Community List
- Switching & Routing
- ExtremeSwitching (VSP/Fabric Engine)
- Enable RADIUS auth for CLI and EDM
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Enable RADIUS auth for CLI and EDM
Anonymous
Not applicable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
01-21-2021 10:52 AM
Hi,
Just in the process of configuring RADIUS on a 8404 using version 8.2.
First thing I notice is when I try and enter this command:
radius server host 172.9.99.120 key ****** source-ip 10.0.0.210I get this error:
acli.pl: Redundant argument in sprintfMy assumption here is that this might be related to the new segmented management feature, so no longer need to define source-ip and enable
sourceip-flagI see in the configuration guide there is this command:
radius server host WORD used-by {cli|snmp|web} - cli—configure the server for CLI authentication.
- eapol—configure the server for EAPoL authentication.
- snmp—configure the server for SNMP authentication.
- web—configure the server for Web authentication
I don’t think this is what I am expecting it to be, but confused why I can only select one at a time, The default is cli.
If I try this:
radius server host 158.119.128.243 used-by web enableI get this error:
Error: setting RadiusServHostTbl, radius server does not existAlthough I think ‘used-by web’ isn’t related to the EDM, maybe web based authentication?
I have RADIUS configured just with the configuration below at the moment, and works when logging in for CLI access:
radius server host 158.119.128.243 key ******
radius server host 158.119.60.11 key ******
radius enable
radius accounting enable
radius accounting include-cli-commandsIssue is, how do I configure this so that (if its possible) that RADIUS auth is used for accessing the EDM?
What about those other options, how do I use those if I can only select one at a time?
I know I’ve completely miss-understood here the purpose of the commands, but just trying to add some context to understand in bigger picture.
Maybe some examples of their use will help?
Many thanks in advance.
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
01-21-2021 01:44 PM
Martin
If you see an error message with “acli.pl” in front of it, that is a message from my ACLI terminal, not the switch itself.
Yes, the & character gets interpreted as an iteration of values by my terminal.
You can put double-quotes around the sharedSecret and ACLI terminal will not then interpret “&” inside the quotes and the VSP seems able to correctly process a secretKey inside double-quotes also, I just tested it (but not single quotes!! VSP then uses the single quotes as part of the shared secret!!).
Else you just hit CTRL-T and come out of interactive mode (% prompt) then issue the command there.
Best regards
Ludovico Stevens
6 REPLIES 6
Anonymous
Not applicable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
01-21-2021 01:51 PM
Hi Ludovico,
Need to change the answer to this post to your answer some how!
Hadn’t even dawned on me it could be that, gotten used to using the ACLI as a straight forward terminal emulator - taken it for granted :).
Interestingly I had been using Tera-Term, and just switched to the ACLI to get better outputs when using the cfg command.
Great to know as will bear this in mind in the future.
Thanks for testing, really appreciated.
Cheers,
Martin
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
01-21-2021 01:44 PM
Martin
If you see an error message with “acli.pl” in front of it, that is a message from my ACLI terminal, not the switch itself.
Yes, the & character gets interpreted as an iteration of values by my terminal.
You can put double-quotes around the sharedSecret and ACLI terminal will not then interpret “&” inside the quotes and the VSP seems able to correctly process a secretKey inside double-quotes also, I just tested it (but not single quotes!! VSP then uses the single quotes as part of the shared secret!!).
Else you just hit CTRL-T and come out of interactive mode (% prompt) then issue the command there.
Best regards
Ludovico Stevens
Anonymous
Not applicable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
01-21-2021 12:59 PM
Same thing seems to be is happening when configuring the radius reachability account, have a password that contains characters:
@=!@[/*+_:|&?
And this this same error:
acli.pl: Redundant argument in sprintf
Anonymous
Not applicable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
01-21-2021 12:43 PM
That worked!
Whether that is a bug or not I’m not sure, but one of these characters $ # ! & VOSS doesn’t like in the password?
