Thank you for your reply. Yes it is a 2930
I set auth to active, but show port-access config says it in not configured??
Port-access authenticator activated [No] : Yes
Allow RADIUS-assigned dynamic (GVRP) VLANs [No] : No
Use LLDP data to authenticate [No] : No
802.1X 802.1X Web Mac LMA Cntrl Mixed Speed
Port Supp Auth Auth Auth Auth Dir Mode VSA MBV
----- ------- -------- -------- -------- ----- ----- -------- ----- ---
1 No No No No No both No No Yes
2 No No No No No both No No Yes
3 No No No No No both No No Yes
4 No No No No No both No No Yes
5 No No No No No both No No Yes
6 No No No No No both No No Yes
7 No No No No No both No No Yes
8 No No No No No both No No Yes
Port access is configured for Radius:
| Login Login Login
Access Task | Primary Server Group Secondary
-------------- + ----------- ------------ ----------
Console | Local None
Telnet | Local None
Port-Access | EapRadius radius None
Webui | Local None
SSH | Local None
Web-Auth | ChapRadius radius None
MAC-Auth | ChapRadius radius None
SNMP | Local None
Local-MAC-Auth | Local None
It just looks like the config is not being applied to the port?
Thanks for your help
Original Message:
Sent: Sep 22, 2022 04:33 AM
From: Herman Robers
Subject: 802.1X port-access on Aruba 2030F switches not working
Under the assumption that you have an ArubaOS Switch (2930F), because I don't know the 2030F:
Looks like you missed the global configuration statement: 'aaa port-access authenticator active'
You could check 'show port-access clients' or 'show port-access clients 8 detail' (for details on port 8); for the actual status of your port-access.
The command 'show portacces config' will show the actual config for each port.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
Original Message:
Sent: Sep 21, 2022 06:18 AM
From: David Jones
Subject: 802.1X port-access on Aruba 2030F switches not working
Good day,
I've been asked to configure 802.1X wired port access with Radius server to prevent unauthorized devices connecting to our network.
But I'm struggling to get it to work at all. Here is the configuration on the switch:
radius-server host 10.99.16.22 key "XXXXXXXXXXXXXXXXXXXXX"
radius-server host 10.99.16.22 dyn-authorization
aaa authentication port-access eap-radius
aaa port-access authenticator 8
The port config looks like this:
interface 8
untagged vlan 201
aaa port-access authenticator
aaa port-access authenticator client-limit 1
The switch can see the Radius server and is configured.
When I patch a device that is not on the domain, nothing happens. The port still connects and is given an IP address in the corporate network.
I have enabled debug but I see no messages about port-access at all.
Am I missing something fundamental here?
Thanks in advance.