Hi Michael, Although not an expert by any means on the wireless side, I’ve seen problems (on C2 switches) where you *seem* to get authorised by Radius, i.e. the Radius server sends an Access-Accept packet rather than Access-Reject, but the switch still wouldn’t let you login. However as Michael Boschet, Jr. pointed out, the Radius server MUST also supply the correct parameters in the Access-Accept packet. This is usually the ‘filter-id’ parameter which needs to be set with the text string similar to “Enterasys:version=1:policy=Student”
Regards, Andy Middlehurst From: Michael Baye [mailto:[email protected]] Sent: 01 March 2011 18:38 To: Enterasys Customer Mailing List Subject: Re: [enterasys] C4110 + problems with PEAP/MSCHAPv2 Hi, well, it is using the same policy for our "wireless users" as the Aruba controller. Also, I can see within the logs, that access is granted. So, this is obviously correct, isn´t it? Michael Are you returning the appropriate attributes from your RADIUS server to select the correct policy? For example for a user in the Administrator policy we use Enterasys:version=1:policy=Administrator. Or for a Student Enterasys:version=1:policy=Student. The policy= has to match the policy you are have configured on your wireless controllers. * --To unsubscribe from enterasys, send email to [email protected]<mailto:[email protected]> with the body: unsubscribe enterasys [email protected]<mailto:[email protected]> --- To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected]
