Wired Intelligent Edge

 View Only
last person joined: 17 hours ago 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

AAA Authentication - Default logon domain on E-Series

This thread has been viewed 0 times

  • 1.  AAA Authentication - Default logon domain on E-Series

    Posted Feb 16, 2016 07:47 AM

    Hi everyone

    I want to setup AAA Authentication for SSH access to my E-Series switches but I am currently banging my head aganist the wall with the following issue: 

    I want to use peap-mschapv2 as primary authentication method and then fallback to the local user database if RADIUS server is unavailable. Which is currently working as intended in my lab setup. 

    But I would also like to be to authentication into the switch with a local user when the RADIUS server is avaliable, and as far as I can tell this is not possible. 

    At all times when the switch is able to reach the RADIUS server it sends all the authentication requests to the RADIUS server. 

    Is there a way to specify a default login domain like the A-series switches? So for example when I type manager@localhost it authentications to the local user database on the switch but when I type <username>@domain.local the authentication request is sent to the RADIUS server?

    Thanks in advance

    //Anders


    #authentication
    #A-Series
    #Radius
    #e-Series
    #aaa


  • 2.  RE: AAA Authentication - Default logon domain on E-Series

    Posted Feb 16, 2016 09:43 AM

    afaik, this is by design.  Fallback to local database only occurs when radius server times out. 



  • 3.  RE: AAA Authentication - Default logon domain on E-Series

    Posted Feb 17, 2016 02:07 AM

    Damnit, but thanks alot for your reply 16again.

    Regards, Anders