Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

21hertz

5 Posts

1594

September 26th, 2016 08:00

Using MAC Authorization Bypass (MAB) with RADIUS using PAP (same as Cisco)?

We have a Cisco-environment but we are evaluating Dell switches N2000-series as access-switches.

Everything but MAB seems to work.

Debugging in the Dell switches shows that it wants an EAP Message and not PAP.

Cisco uses PAP as default. It works great with our backend LDAP-server. But not with Dell switches.

Is it possible to configure MAB to use PAP?

21hertz

5 Posts

September 26th, 2016 13:00

Thanks for the answer!

That is unfortunate for Dell, it is one of the most used features around campus networks, esp. those who have been using Cisco. I'm not sure if you can use EAP while using a RADIUS-server with LDAP as backend. I haven't found anyone else who got it working. I would be very glad if it would work.

I have tried enabled EAP-auth in our FreeRADIUS-server, but no luck. The FreeRADIUS logs complains about the User-Name not matching EAP Identity for some reason. But User-Name is just a MAC-address when using MAB. If it is possible to use EAP with RADIUS/LDAP combination, it would be nice to see some RADIUS configuration example but I haven't found anything else but examples for Windows Servers.

DELL-Josh Cr

Moderator

 • 

9.4K Posts

September 26th, 2016 13:00

Hi,

It looks like the N2000 only supports EAP, I have not found any settings or mention of PAP in any documentation. http://downloads.dell.com/manuals/common/networking_nxxug_en-us.pdf

Was this post helpful?

View All

No Events found!

Top