Should radius-accounting servers for a switch be explicitly set in NAC?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-22-2018 07:27 PM
Hello, everybody,
please, take a look at my configuration of a switch:
RADIUS-accounting servers are NAC servers. RADIUS accounting is set Enabled.
Should I explicitly set them in RADIUS servers? Tick the box and set both NAC servers as accounting servers? Or this is not necessary?
I ask it because when I do "Verify RADIUS configuration" procedure I get the error below in spite of MAC authenticaton works
Many thanks in advance,
Ilya
please, take a look at my configuration of a switch:
RADIUS-accounting servers are NAC servers. RADIUS accounting is set Enabled.
Should I explicitly set them in RADIUS servers? Tick the box and set both NAC servers as accounting servers? Or this is not necessary?
I ask it because when I do "Verify RADIUS configuration" procedure I get the error below in spite of MAC authenticaton works
Many thanks in advance,
Ilya
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-22-2018 07:33 PM
Hello,
It's necessary if NAC is controlling the RADIUS configurations on the switch and you want RADIUS accounting.
Configuration the "Switches" section does two things:
1. Updates the "clients.conf" file in the NAC to allow processing of RADIUS requests from the host and configures the RADIUS attributes to send scheme in NAC.
2. When "Enforce" and the device is supported NAC will write the appropriate RADIUS configurations to the switch. If RADIUS Accounting isn't configured and NAC can write RADIUS configurations it will overwrite any manual configurations that already exist.
Thanks
-Ryan
It's necessary if NAC is controlling the RADIUS configurations on the switch and you want RADIUS accounting.
Configuration the "Switches" section does two things:
1. Updates the "clients.conf" file in the NAC to allow processing of RADIUS requests from the host and configures the RADIUS attributes to send scheme in NAC.
2. When "Enforce" and the device is supported NAC will write the appropriate RADIUS configurations to the switch. If RADIUS Accounting isn't configured and NAC can write RADIUS configurations it will overwrite any manual configurations that already exist.
Thanks
-Ryan
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-22-2018 07:33 PM
Thank for your reply, Ryan!
I've set explicitly both NAC servers as RADIUS accounting server. Enforced switches. Nothing changed. "Verify RADIUS configuration" still reports Failure as check result.
I'll what happens tomorrow when people come and login.
Thanks.
I've set explicitly both NAC servers as RADIUS accounting server. Enforced switches. Nothing changed. "Verify RADIUS configuration" still reports Failure as check result.
I'll what happens tomorrow when people come and login.
Thanks.
