This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

dot1x & MAC auth using RADIUS with Router Code

robert_lowe_722
Contributor III

‎09-17-2018 01:21 PM

Hi All,

We're implementing dot1x and MAC auth on 7150 stack (08.0.80) running router code (basic). We've configured dot1x and MAC auth to RADIUS just like we have successfully in our lab environment (7250 switch code) but it doesn't work. The RADIUS server never even gets a request but we have confirmed connectivity between the two. IP interface VE exists in the test VLAN and default route to the WAN. I have a feeling it has something to do with the fact we dont have a management VLAN specified, but as i understand it, when running router code, this is not an option? Quite new to ICX so still figuring things out. Any pointer appreciated.

Auth-mode multiple-untagged
  auth-default-vlan XXX
  restricted-vlan YYY
  auth-fail-action restricted-vlan
  auth-timeout-action failure
  dot1x enable
  dot1x enable ethe 3/1/1
  dot1x port-control auto ethe 3/1/1
  mac-authentication enable
  mac-authentication enable ethe 3/1/1
  mac-authentication password-format xx:xx:xx:xx:xx:xx

aaa authentication dot1x default radius

radius-server host WWW.XXX.YYY.ZZZ auth-port 1812 acct-port 1813 default key 2 $RSddJzVvYish dot1x mac-auth
2 REPLIES 2

william_hadley_
New Contributor III

‎09-24-2018 11:49 AM

You can specify a VE or Interface to use.

ip radius source-interface x

Please refer to the Security guide section Source address configuration Radius


robert_lowe_722
Contributor III

‎09-24-2018 03:46 PM

Thanks William, this is exactly what i was looking for!
0 Kudos
Copyright © 2024 Khoros, LLC