Hello, everybody,
I want to setup MAC-based auth on Summits using NAC as RADIUS for Identity-Management purposes.
Summit sends requests to NAC, NAC receives them, but denies. I suppose, that the summit is not set as Radius client in NAC.
What I have on the Summit:
# Module netLogin configuration.
#
configure netlogin vlan NTLG
configure netlogin add mac-list ff:ff:ff:ff:ff:ff 48
enable netlogin ports 1-44 dot1x
enable netlogin ports 1-44 mac
configure netlogin ports 1 mode mac-based-vlans
configure netlogin ports 1 no-restart
configure radius netlogin primary server 192.168.13.251 1812 client-ip 192.168.13.5 vr VR-Default
configure radius netlogin primary shared-secret encrypted "#$OQazk8Nl5IHctghlB3infcpFFq9JBiFSRoujfikB"
enable radius netlogin
What I get on Summit after "enable netlogin dot1x mac" command:
05/30/2017 15:24:57.11 Attempted the configured number of retries (3) to each of the 1 authentication servers without a server response for F4-6D-04-1B-D0-9B(username 'F46D041BD09B') on port 19.
05/30/2017 15:24:55.10 Attempted the configured number of retries (3) to each of the 1 authentication servers without a server response for F0-BF-97-DC-23-E7(username 'F0BF97DC23E7') on port 15.
05/30/2017 15:24:52.11 Attempted the configured number of retries (3) to each of the 1 authentication servers without a server response for 14-DA-E9-F7-BC-59(username '14DAE9F7BC59') on port 9.
05/30/2017 15:24:52.11 Attempted the configured number of retries (3) to each of the 1 authentication servers without a server response for 3C-07-54-46-66-8D(username '3C075446668D') on port 6.
05/30/2017 15:24:52.11 Attempted the configured number of retries (3) to each of the 1 authentication servers without a server response for 50-46-5D-73-81-0A(username '50465D73810A') on port 5.
In this condition all the ports configured are blocked.
On that time on NAC I have the following:
How can I make NAC to accept these requests?
Many thanks in advance,
Ilya
I want to setup MAC-based auth on Summits using NAC as RADIUS for Identity-Management purposes.
Summit sends requests to NAC, NAC receives them, but denies. I suppose, that the summit is not set as Radius client in NAC.
What I have on the Summit:
# Module netLogin configuration.
#
configure netlogin vlan NTLG
configure netlogin add mac-list ff:ff:ff:ff:ff:ff 48
enable netlogin ports 1-44 dot1x
enable netlogin ports 1-44 mac
configure netlogin ports 1 mode mac-based-vlans
configure netlogin ports 1 no-restart
configure radius netlogin primary server 192.168.13.251 1812 client-ip 192.168.13.5 vr VR-Default
configure radius netlogin primary shared-secret encrypted "#$OQazk8Nl5IHctghlB3infcpFFq9JBiFSRoujfikB"
enable radius netlogin
What I get on Summit after "enable netlogin dot1x mac" command:
05/30/2017 15:24:57.11
05/30/2017 15:24:55.10
05/30/2017 15:24:52.11
05/30/2017 15:24:52.11
05/30/2017 15:24:52.11
In this condition all the ports configured are blocked.
On that time on NAC I have the following:
How can I make NAC to accept these requests?
Many thanks in advance,
Ilya
