Hi all,
I am trying to configure radius aaa authentication on an Aruba 6000 switch with MFA. I have it working on an HP J9774A 2530-8G-PoEP running firmware YA.16.11.0014.
The working config causes an approval request in my authenticator app after I enter my username and password
here is the config:
radius-server host 10.1.1.1 key "somekeystrinq"
aaa server-group radius "MyGroup-MFA" host 10.1.1.1
aaa server-group radius "MyGroup-MFA" nas-id "MyGroupMFA-Switch"
aaa authentication login privilege-mode
aaa authentication console login peap-mschapv2 server-group "MyGroup-MFA" local
aaa authentication console enable peap-mschapv2 server-group "MyGroup-MFA" local
aaa authentication ssh login peap-mschapv2 server-group "MyGroup-MFA" local
aaa authentication ssh enable peap-mschapv2 server-group "MyGroup-MFA" local
What I have on my 6000 switch running PL.10.13.1000
radius-server host 10.1.1.1 key plaintext somekeystring auth-type chap
aaa group server radius MyGroup-MFA
server 10.1.1.1
aaa authentication login console group MyGroup-MFA local
aaa authentication login ssh group MyGroup-MFA local
aaa radius-attribute group MyGroup-MFA
nas-id value MyGroupMFA-Switch
When i connect and enter my password if fails and requests the password again.
I am at a loss.
Thanks for any assistance
------------------------------
Steve Brown
------------------------------