Hi,
I am in deep trouble right now. I want to use 802.1x Port based authentication for my testbed, doesn't seems to be sucessful.
(Laptop XP)---------------------(switch cisco catalyst 2970)---------------------------(radius server).
On Laptop I have choosed EAP-MD5 challange for authentication. The switch is also enabled with radius and 802.1x. on the raduis server I have this entries in radius.conf file
eap {
md5 {
username = <BEGIN_UNAME>radiuser11<END_UNAME>
password = <BEGIN_PASS> radiuser11<END_PASS>
}
username = <BEGIN_UNAME>radiuser11<END_UNAME>
password = <BEGIN_PASS> radiuser11<END_PASS>
}
}
In the users file I have enterd for this user.
radiuser11 Auth-Type:= EAP, User-Password== "radiuser11"
Service-Type = Framed-User,
Fall-Through:= Yes
Service-Type = Framed-User,
Fall-Through:= Yes
in the clients file I have this enrty for switch.
129.69.1.50 cisc391s2790 #changed by Aoun 6-4-04
in the naslist I have this entry
129.69.1.50 local cisco # changed by Aoun 6-4-04
with the above all given entries I am able to get the following result.
18:11:19.828169 129.69.1.50.radius > testserv.rus.uni-stuttgart.de.radius: rad-access-req 104 [id 49] Attr[ NAS_ipaddr{129.69.1.50} NAS_port_type{Async} User{radiuser11} Service_type{Framed} Framed_mtu{1500}(zero-length attribute)
18:11:24.825612 testserv.rus.uni-stuttgart.de.radius > 129.69.1.50.radius: rad-access-reject 20 [id 49] (DF)
The radius server is always rejecting the authentication request.
I have tried the Ideas I received on this list by Frederic but no sucess. Can somebody tell me either my configurations are wrong or any other cause of this problem. I have looked on internet nobody have defined the exact way to do so. I am looking for help to proceed.
Thanks.
Aoun.
University of Stuttgart.
Do you Yahoo!?
Yahoo! Finance Tax Center - File online. File on time.