Jason Parker jparker at enterasys.com writes:
IGMP traffic
Set up IGMPsnooping
Ok, I enabled igmpsnooping on the switch (all ports)
set igmpsnooping adminmode enable
set igmpsnooping interfacemode ge.*.*;tg.*.* enable
and additionally the router
ip igmp
interface vlan 123
ip igmp
Marki,
Did you also enable it on the router (config) as well as all VLANs?
Btw
This (bcmRX) is normally received traffic (could be broadcasts
etc.)but there are other things as well.
Could you send me your configuration- I prefer show support (
directly- jpar...@enterasys.com) and I will review
We use mschap v2 with our Enterasys gear; it should work fine. The switch just
passes along the info to NPS, which is authenticating the end-point.
Patrick Printz
Network Infrastructure
Quinsigamond Community College
670 West Boylston Street
Worcester, MA 01606-2092
w. 508-854-7517
c.
PAP is it for switch logins. The shared secret setup between the switch and
NPS should encrypt the traffic. I would take a network trace to verify.
From: geoffroy.hugue...@cea.frmailto:geoffroy.hugue...@cea.fr
[mailto:geoffroy.hugue...@cea.fr]
Sent: Thursday, February 14, 2013 4:04 AM
To:
Check which firmware you are on. I know that with the C-Series v6.41 (if I
recall correctly) and below only supported PAP/CHAP. Im not 100% as to
which version enabled MSCHAPv2 support, but I had to upgrade all of my
switches to v6.61 to get that functionality. I use NPS as well.
-Rob
---
Rob
I took a trace between NPS and my PC. We see the login in clear text and
password in crypt text.
I had the same idea that the shared secret should encrypt the traffic. It
doesn’t seem.
I will look at this nevertheless.
thanks
Geoffroy HUGUENIN
CEA VALDUC
VA/DSTA/STLI/LSIS
21120
To authenticate user and end-point, we can use MSCHAP v2 but for the
management access, only PAP works.
On our G3 we use the v6.61.
thanks
Geoffroy HUGUENIN
CEA VALDUC
VA/DSTA/STLI/LSIS
21120 IS-SUR-TILLE
Téléphone : 03 80 23 77 80
De : Rob Yamry [mailto:rya...@kimberly.k12.wi.us]
I dont have any G3s here so I cant comment on that, but with my C- and
K-Series I only use radius for management access and I only use MSCHAPv2.
-Rob
---
Rob Yamry | Network Engineer | Kimberly Area School District | Phone:
920.788.7900 x 4158 | Direct: 920.423.4158 |
I'll check into this. MSCHAPv2 would be very cool, I've wondered for quite
awhile why the switches weren't capable of the newer auth methods.
On Feb 14, 2013, at 7:33 AM, Rob Yamry
rya...@kimberly.k12.wi.usmailto:rya...@kimberly.k12.wi.us wrote:
I dont have any G3s here so I cant comment on