[FreeRadius] Mac Authen with Centos
yesi
yesi at posteo.net
Wed Dec 9 12:12:49 CET 2020
On 12/4/20 6:28 PM, Michael Schwartzkopff wrote:
> I assume this is a problem of the switch. If it does not send out RADIUS
> packets, then the RADIUS server cannot receive any.
>
>
> Did you assign the profile to interfaces?
>
> Mit freundlichen Grüßen,
To put in the context, here are the added informations :
* radius server IP : a.a.a.a
* switch Huawei IP : b.b.b.b
* client network IP range e.g. VLAN 25 : c.c.c.c
A client is configured with an IP in the vlan 25.
When connected to a switch port for the MAC Authen, the client can't
ping the gateway of the VLAN 25.
On the switch,
switch > display access-user
------------------------------------------------------------------------------------------------------
UserID Username IP
address MAC Status
------------------------------------------------------------------------------------------------------
16 toto-account x.x.x.x -
Success
2070 client_mac_address client_ip_address
client_mac_address Pre-authen
------------------------------------------------------------------------------------------------------
On the Radius server, a local test is OK.
From the Huawei switch, a test with a test user "bob" is OK. In the
debug mode, "radiusd -X", we see the packets. When a machine tried to
connect to the switch, in the debug mode, "radiusd -X", there is no
message. There are no packets from the capture on the radius server when
: tcpdump -vnni ens160 src "port 1812 or port 1813" tcpdump -vnni ens160
src "host b.b.b.b or host c.c.c.c"
For the Huawei Network engineer, the conf on the switch is ok...
I have no idea where to look at.
y.
More information about the Freeradius-Users
mailing list