Authenticate users with 802.1x using Radius NPS Server
I am trying to authenticate network users through 802.1x with the RADIUS NPS server (Microsoft). Using the HPE 1920 Coware5 Switch.
Here are the configurations I made:
radius scheme poc
server-type extended
primary authentication 10.10.10.36 key cipher $ c $ 3 $ H8Kj1Wq6vOPbeP2 + TtyGJfp4ZepkRhjm7O8qIXxiRFZ4
primary accounting 10.10.10.36 key cipher $ c $ 3 $ kGzN8Hs + xsGVZL1cVUzso4BHi5LJnZkZePxU7z1mLspW
key authentication cipher $ c $ 3 $ EQ / Uyt6JI1DmQOA6H2tIIkhxXA0iKTiTvJDYoraGqmz9
key accounting cipher $ c $ 3 $ uEU9hsmFqhI + 1eXLXPcWSst5uaTqSbbRY7tdv3IK00s2
user-name-format without-domain
nas-ip 10.10.10.1
domain poc
authentication login radius-scheme poc local
authorization login radius-scheme poc local
accounting login radius-scheme local poc
authentication lan-access radius-scheme poc local
authorization lan-access radius-scheme poc local
accounting lan-access radius-scheme local poc
access-limit disable
state active
idle-cut disable
self-service-url disable
domain default enable poc
dot1x
dot1x retry 10
dot1x authentication-method eap
NETWORK INTERFACE SETTINGS
GigabitEthernet interface1 / 0/11
auto-power-down port
stp edged-port enable
undo dot1x handshake
dot1x mandatory-domain poc
undo dot1x multicast-trigger
dot1x port-method portbased
dot1x
Radius nps settings
Authentication rule
* Condition * Value
NAS Port Type Ethernet
3Com Vendor Client
Local User Groups local\ Domain Users
Authentication Type EAP
The requisition packages for authentication arrive perfectly at the NPS Server, the user to be authenticated is part of the Group specified in the rule, but the authentication is flawed, the NPS server log always presents the same reason:
Authentication failed due to a user credentials mismatch.Either the user name provided does not map 'to an existing user account of incorrect.
Anyone with the example of a rule that should be created on the NPS server?