Unsolved
1 Message
0
1823
Mac-Based + radius n3000 switch series.
Hello, I'm trying to set-up radius+mac-based authentication on ethernet ports.
But first I don't know if it is supported by the switch, second there are point in the documentation that I don't understand.
What I don't understand is the mab command, what does it do exactly ?
What does exactly dot1x port-control mac-based does ?
What I see is that I have an error message
dot1xBamResponseAction: Failed getting auth method, logical port 0. Could not determine the authentication method to be used . Probably because of a mis-configuration.
the configuration is
authentication enable
dot1x system-auth-control
aaa authorization network default radius r
adius server auth 192.168.254.70
primary
name "Default-RADIUS-Server"
usage 802.1x
key xxxxxx
exit i
nterface Gi1/0/1
description "testfg"
switchport mode general
switchport general pvid 161
switchport general allowed vlan add 161,3013
dot1x port-control mac-based
mab
authentication order mab
authentication priority mab
exit
DELL-Josh Cr
Moderator
Moderator
•
8.5K Posts
0
November 13th, 2018 11:00
Hi,
MAB allows ports to be authenticated based on their mac address, rather than with credentials. dot1x port-control mac allows for the port to authenticate multiple mac addresses on a single port, for example an IP phone and a client PC. The error sounds like it is not able to get the authentication from the radius server.
coopdea
1 Message
0
May 8th, 2019 09:00
If I am using the port for data and voice, I will need to add the dot1x port-control mac-based correct?