02-28-2013 02:44 AM - edited 03-07-2019 11:58 AM
Hello,
Sorry i'm new to the forum.
I need some help figuring out how to enable mab ! I entered the following commands on the switch
********************
aaa new-model
aaa authentication dot1x
dot1x system-auth-control
radius-server host IP
radius-server key KEY
interface G3/0/48
switchport mode access
authentication port-control auto
spanning-tree portfast
authentication host-mode single-host
mab
authentication order mab dot1x
-*******************
And on freeradius, I entered the Subnet address where all the switches are, I'm not using a database so the users file had something like this :
0008743e7a99 Auth-Type := "EAP", Cleartext-Password == 0008743e7a99
Tunnel-Type = 13,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-ID =4
( sorry dont have the file here left it at work )
and at the debug I get the message in the image!
I also made sure these lines exist in my files :
http://www.infos-du-net.com/forum/287066-8-comment-faire-authentification-radius
And I didnt delete the rest, what i did delete was a reject of the eap auth type at the top of /etc/raddb/sites-available/default file
and here's a small debug file my boss sent me but i don't know if it's relevent because he's trying to debug based on
a mac address that is not in the users file ( also joined to the message
So my question is.. What can I change to make the authentication Bypass Work??
I'd really like you to help me, I'm out of options and tutos... and english isn't my language so i'm havin a hard time understanding other forums
Did I mention I was a newbie?
- See more at: https://supportforums.cisco.com/message/3868672#3868672
07-07-2015 11:29 AM
This discussion has been reposted to the LAN, Switching and Routing community.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide