This post is more than 5 years old
33 Posts
0
316007
Dell 2848 Radius
Hi,
I am trying to enable Radius authentication on an 2848 (to W2k12).
I've tried following this guide - http://www.darylhunter.me/blog/2010/06/dell-powerconnect-radius-windows-server-2008-nps.html
or this older one http://www.dell.com/downloads/global/products/pwcnt
/en/3424_radius_auth_using_msserver.pdf.
Both require configuration on the switch via telnet using the aaa command.
Now as it seems the 2848 does not have that particular command.
I have set up the switch to my best knowledge using the GUI (according to info from manual), but its not working.
Is there a guide working for the 2800 series on how to configure this on Switch/Remote side?
Thanks
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
January 6th, 2016 13:00
After some further testing on this, it turns out the 2800 series switches do not support radius authentication for managing the switch. It supports radius for dynamic vlan assignment/ dot1x operations. You will need to stick with local authentication. I apologize about my initial misinformation.
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
January 5th, 2016 11:00
The 2848 has a very basic CLI, with the GUI being the intended method of configuration. The user guide has details on configuring a RADIUS server on page 70. That would be the first place I would start.
http://dell.to/1LLe8BV
If that does not work, maybe you could walk us through the steps you have taken on the switch, what the rest of the RADIUS setup looks like, and what outcome you are seeing.
thanks
trottig
33 Posts
0
January 5th, 2016 12:00
Hi,
I used the gui first, its rather self explenatory after all. Just tried following guides as it didnt work out.
Basically I went to Radius Settings, entered my Radius Server IP, left Priority on 0, left port on 1812 and only added the Keystring i created on Windows Server 2012 - i entered the full length string but that was too long for the 128 chars limit, so I took the first 128 chars only on both sides.
On the W2k12 server i followed the first URl linked before to setup the Radius server, I created a Radius client as described and both types of Network policies (different dell switches)
I tried then looging on to the switch with my Domain Admin account (mydomain\Administrator or only Administrator) but only get the normal Access denied message.
Is the username Administrator an issue? too long maybe? Or what other steps would I need to take?
Is there any step needed to activate the usage of Radius?
Thanks
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
January 5th, 2016 13:00
I see, so you want to use the RADIUS server to authenticate access to the switch, and not for port based authentication?
trottig
33 Posts
0
January 5th, 2016 13:00
Correct
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
January 6th, 2016 06:00
Is Administrator the same username as any local users on the switch? Is the switch able to ping the RADIUS server? Does a Telnet session produce the same results? You mentioned another Dell switch? Is it a different model? Does RAIDUS authentication work on it?
trottig
33 Posts
0
January 6th, 2016 10:00
-No, only other user is admin - tried with and without domain
-Yes Telnet same result (login not allowed)
-Yes ping works
-Dell switches from first link i provided (5224 and 3448 , both enabled with aaa commands), there it seems to work. But they had to configure the Radius profile appropriatly; that might me incorrect for the 2848 but I have no clue what would be required and can't find anything for it
The only other Dell switch I could try would be an 2816, dont think that would make a difference
trottig
33 Posts
0
January 6th, 2016 14:00
Now thats disappointing ... and extremely bad documented.
Nevertheless, thanks for your help