cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2106
Views
0
Helpful
1
Replies

How to authenticate md5 ip phones using 802.1x with freeradius?

Majed Zouhairy
Level 1
Level 1

Peace,

whatever I do, I either can't get authenticated or get authenticated on the data vlan.

here is the relevant  switch configuration:

aaa group server tacacs+ Great
aaa group server radius U-turn
aaa authentication dot1x default group U-turn

aaa authorization network default group U-turn group Great local

 

dot1x system-auth-control

 


interface GigabitEthernet1/0/28
 description Experiment
 switchport access vlan 24
 switchport mode access
 switchport voice vlan 23

 authentication port-control auto
 authentication host-mode multi-domain
 authentication violation protect
 dot1x pae authenticator
 spanning-tree portfast
 spanning-tree bpduguard enable
end

 

here is the freeradius configuration which causes authentication on the data vlan:

 

reply attributes:

Tunnel-Medium-Type:1:=802

Tunnel-Private-Group-Id:1:=23

Check attributes:

Cleartext-Password:=communistssuck

Cisco-AVPair:=device-traffic-class=voice

 

anybody works for a money loving Government which instead of upgrading acs or getting ise forces to innovate with free radius?

Any idea what the correct attributes are or the how to configure this?

 

 

1 Accepted Solution

Accepted Solutions

Majed Zouhairy
Level 1
Level 1

The secret has been unmasked!

reply attributes:

Cisco-AVPair="device-traffic-class=voice"

Tunnel-Medium-Type=802

Tunnel-Private-Group-Id=23

Check attributes:

Cleartext-Password:=communistssuck

not the "=" and the ":=" accordingly

View solution in original post

1 Reply 1

Majed Zouhairy
Level 1
Level 1

The secret has been unmasked!

reply attributes:

Cisco-AVPair="device-traffic-class=voice"

Tunnel-Medium-Type=802

Tunnel-Private-Group-Id=23

Check attributes:

Cleartext-Password:=communistssuck

not the "=" and the ":=" accordingly

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: