10-21-2009 06:34 AM - edited 03-06-2019 08:14 AM
I need to configure web authentiocation on 2960 switch with Software (C2960-LANBASEK9-M), Version 12.2(52). Here is the configuration used on the switch:
aaa new-model
aaa group server radius accounting-group
server X.X.X.X auth-port 1812 acct-port 1813
!
aaa group server radius authentication-group
server X.X.X.X auth-port 1812 acct-port 1813
!
aaa authentication login default group authentication-group local
aaa authentication dot1x default group authentication-group
aaa authorization network default group authentication-group local
aaa authorization auth-proxy default group authentication-group
aaa accounting send stop-record authentication failure
aaa accounting exec default start-stop group accounting-group
aaa accounting network default start-stop group accounting-group
aaa accounting resource default stop-failure group accounting-group
ip device tracking
ip admission name rule2 proxy http inactivity-time 60
interface FastEthernet0/3
switchport access vlan XXX
switchport mode access
ip access-group policy2 in
authentication order webauth
ip admission rule2
ip access-list extended policy2
permit udp any any eq domain
permit udp any any eq bootps
This is not working. Any help will be appreciated. Many thanks
10-21-2009 07:22 AM
Does this have to do with the hardware I am using or the image or something on the command line or even on the ACS server? Any help will be appreciated please. Many thanks for your anticipated help.
10-22-2009 03:04 AM
I have just tried this on a 3560 switch and still does NOT work. Any idea please? Any help will be highly appreciated. Many thanks
10-22-2009 03:35 AM
What could this debug message mean:
NRH reply fail for X.X.X.X where X.X.X.X is the host IP address. Any help will be highly appreciated.
10-22-2009 06:28 AM
I am getting this message from the debug:
dropping service type, "radius-server attribute 6 on-for-login-auth" is off
Does any one knows what this is? Could this be the issue? The web authentication is still NOT working. Any help will be highly appreciated. Many thanks for your help.
11-03-2009 02:54 AM
Issue resolved. Firewall to blame
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide