This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Should radius-accounting servers for a switch be explicitly set in NAC?

Should radius-accounting servers for a switch be explicitly set in NAC?

Ilya_Semenov
Contributor

‎01-22-2018 07:27 PM

Hello, everybody,

please, take a look at my configuration of a switch:

RADIUS-accounting servers are NAC servers. RADIUS accounting is set Enabled.

Should I explicitly set them in RADIUS servers? Tick the box and set both NAC servers as accounting servers? Or this is not necessary?

f042944781fe48188de450d7d9827fa8_RackMultipart20180122-32384-1j167xc-555_inline.jpg



I ask it because when I do "Verify RADIUS configuration" procedure I get the error below in spite of MAC authenticaton works

f042944781fe48188de450d7d9827fa8_RackMultipart20180122-33188-15m3u7-666_inline.jpg



Many thanks in advance,
Ilya
0 Kudos
2 REPLIES 2

Ryan_Yacobucci
Extreme Employee

‎01-22-2018 07:33 PM

Hello,

It's necessary if NAC is controlling the RADIUS configurations on the switch and you want RADIUS accounting.

Configuration the "Switches" section does two things:

1. Updates the "clients.conf" file in the NAC to allow processing of RADIUS requests from the host and configures the RADIUS attributes to send scheme in NAC.

2. When "Enforce" and the device is supported NAC will write the appropriate RADIUS configurations to the switch. If RADIUS Accounting isn't configured and NAC can write RADIUS configurations it will overwrite any manual configurations that already exist.

Thanks
-Ryan
0 Kudos

Ilya_Semenov
Contributor
In response to Ryan_Yacobucci

‎01-22-2018 07:33 PM

Thank for your reply, Ryan!

I've set explicitly both NAC servers as RADIUS accounting server. Enforced switches. Nothing changed. "Verify RADIUS configuration" still reports Failure as check result.

I'll what happens tomorrow when people come and login.

Thanks.
0 Kudos
GTM-P2G8KFN