Comware

Hello, I have a problem radius authentication (NPS) for an H3C Switch S3600-SI. I have an Access-Reject (3) information on the Radius server with Wireshark. In the Access-Request information, I have information, vendor specific (26), v: Huawei Technology Co, Ltd (2011). Huawei connect-ID (26): 8

I added in request Radius, a vendor-specific (26) with vendor-code (2011) but I do not know what to put in configure attribute.

Do you have a solution to my pb?

thanks

Mathieu

Hello!

How is your switch configuration?

I recommend you use NTRadPing to validate the configuration of your Radius server.

Hello,

There is my configuration:

H3C Comware Platform Software
Comware Software, Version 3.10, Release 1702P44
Copyright (c) 2004-2013 Hangzhou H3C Technologies Co., Ltd. All rights reserved.
H3C S3600-28P-PWR-SI

 sysname H3C
#
radius scheme system
radius scheme radius1
 server-type extended
 primary authentication 172.24.3.51 key cipher $c$3$7LB8/u/L8nqGThpfUrRoQZtnBz9WlZwz66QM
 primary accounting 172.24.3.51 key cipher $c$3$dX2eVvAe7Y0fT6yIt/yh14b8NDqXLfITDR27
#
domain system
 authentication radius-scheme radius1 local
 authorization local
 accounting radius-scheme radius1 local
#
local-user admin
 password cipher $c$3$BI/qC84VEaBDx7oPbWjT+r6ZFjqOIv9BqlsN
 service-type ssh telnet terminal
 level 3
local-user read
 password cipher $c$3$+WbSrqtii4TLaFFkeFSlk8hiznxTXuZhZZYk
 service-type ssh telnet terminal
 level 1
#
vlan 1
#
interface Vlan-interface1
 ip address 172.24.3.15 255.255.255.0
#
interface Aux1/0/0
#
interface Ethernet1/0/1
 poe enable
#
interface Ethernet1/0/2
 poe enable
#
interface Ethernet1/0/3
 poe enable
#
interface Ethernet1/0/4
 poe enable
#
interface Ethernet1/0/5
 poe enable
#
interface Ethernet1/0/6
 poe enable
#
interface Ethernet1/0/7
 poe enable
#
interface Ethernet1/0/8
 poe enable
#
interface Ethernet1/0/9
 poe enable
#
interface Ethernet1/0/10
 poe enable
#
interface Ethernet1/0/11
 poe enable
#
interface Ethernet1/0/12
 poe enable
#
interface Ethernet1/0/13
 poe enable
#
interface Ethernet1/0/14
 poe enable
#
interface Ethernet1/0/15
 poe enable
#
interface Ethernet1/0/16
 poe enable
#
interface Ethernet1/0/17
 poe enable
#
interface Ethernet1/0/18
 poe enable
#
interface Ethernet1/0/19
 poe enable
#
interface Ethernet1/0/20
 poe enable
#
interface Ethernet1/0/21
 poe enable
#
interface Ethernet1/0/22
 poe enable
#
interface Ethernet1/0/23
 poe enable
#
interface Ethernet1/0/24
 poe enable
#
interface GigabitEthernet1/1/1
#
interface GigabitEthernet1/1/2
#
interface GigabitEthernet1/1/3
#
interface GigabitEthernet1/1/4
#
 undo irf-fabric authentication-mode
#
interface NULL0
#
 voice vlan mac-address 0001-e300-0000 mask ffff-ff00-0000
#
 ip route-static 0.0.0.0 0.0.0.0 172.24.3.1 preference 60
#
 ssh authentication-type default all
#
user-interface aux 0 7
user-interface vty 0 4
 authentication-mode scheme
#
return

What is the username to fill in NTRADPING?

My Radius server run with HP Procurve, 5130, 3600 V2, A5500

Thanks

Look into windows event log, it might give you clues what goes wrong

Hello,

I still have the problem, how to test with NTRADping the switch connexion please?

Thanks

Mathieu