Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

802.1x with 2948 GE-TX

Dear all,

I configured 802.1x with an 2950 and IAS ins the LAB, everything is working finde with dynamic VLAN Assignement and Guest VLAN.

I did the same with an 2948, I need to use it (mangement decission they don't want buy new one :-(( )

But I got an error message:

A malformed RADIUS message was received from client 10.1.2.100. The data is the RADIUS message.

Can somebody helps me?

I think it is a setting in the IAS Radius-Client setting, or I'm wrong? I tried Cisco o. Radius Standard.

Thanks, Sebastian

5 REPLIES

Re: 802.1x with 2948 GE-TX

Please make sure shared secret key is same on both ends.

Regards,

~JG

Re: 802.1x with 2948 GE-TX

Hi Jagdeep,

I'm sure!

Attacheed you find my config and IAS eventlog message..

thanks

Gold

Re: 802.1x with 2948 GE-TX

you might need to install wireshark on the server or somehow otherwise sniff the radius packets. this will give you more information than that event log.

Re: 802.1x with 2948 GE-TX

Thanks for the Idea..

Thats the output:

I think the service-types in IAS and the 2948 are not the same..any ideas? I tried with someone but it do not work. But, I get a second erros message in the ias..bevor I type in the password, something tried with another user azbycx, thats strange I think..

No. Time Source Destination Protocol Info

6 30.902648 10.1.2.100 10.1.20.10 RADIUS Access-Request(1) (id=3, l=119)

Frame 6 (161 bytes on wire, 161 bytes captured)

Ethernet II, Src: Cisco_11:b7:42 (00:13:c3:11:b7:42), Dst: Vmware_9c:a8:42 (00:0c:29:9c:a8:42)

Internet Protocol, Src: 10.1.2.100 (10.1.2.100), Dst: 10.1.20.10 (10.1.20.10)

User Datagram Protocol, Src Port: redstorm_join (2346), Dst Port: radius (1812)

Radius Protocol

Code: Access-Request (1)

Packet identifier: 0x3 (3)

Length: 119

Authenticator: 02FA248B0A0C213711B8213325BB1A04

Attribute Value Pairs

AVP: l=13 t=User-Name(1): CISLAB\test

User-Name: CISLAB\test

AVP: l=6 t=NAS-IP-Address(4): 10.1.2.100

NAS-IP-Address: 10.1.2.100 (10.1.2.100)

AVP: l=7 t=NAS-Port(5): [unhandled integer length(5)]

AVP: l=6 t=Framed-MTU(12): 1000

Framed-MTU: 1000

AVP: l=19 t=Calling-Station-Id(31): 00-17-42-21-6e-df

Calling-Station-Id: 00-17-42-21-6e-df

AVP: l=6 t=Service-Type(6): Framed-User(2)

Service-Type: Framed-User (2)

AVP: l=6 t=NAS-Port-Type(61): Ethernet(15)

NAS-Port-Type: Ethernet (15)

AVP: l=18 t=EAP-Message(79) Last Segment[1]

EAP fragment

Extensible Authentication Protocol

Code: Response (2)

Id: 1

Length: 16

Type: Identity [RFC3748] (1)

Identity (11 bytes): CISLAB\test

AVP: l=18 t=Message-Authenticator(80): 35D1789AA9FFED111C540DE63F093A53

Message-Authenticator: 35D1789AA9FFED111C540DE63F093A53

Re: 802.1x with 2948 GE-TX

It is working now with Software 8.4. I used 8.3 but this makes trouble in my case.

>Thanks all

336
Views
7
Helpful
5
Replies
CreatePlease to create content