Wired Intelligent Edge

 View Only
last person joined: yesterday 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

Aruba 6000 aaa with MFA not working

This thread has been viewed 13 times

  • 1.  Aruba 6000 aaa with MFA not working

    Posted Mar 22, 2024 09:20 AM

    Hi all,

    I am trying to configure radius aaa authentication on an Aruba 6000 switch with MFA.  I have it working on an HP J9774A 2530-8G-PoEP  running firmware YA.16.11.0014.

    The working config causes an approval request in my authenticator app after I enter my username and password

    here is the config:

    radius-server host 10.1.1.1 key "somekeystrinq"

    aaa server-group radius "MyGroup-MFA" host 10.1.1.1
    aaa server-group radius "MyGroup-MFA" nas-id "MyGroupMFA-Switch"
    aaa authentication login privilege-mode
    aaa authentication console login peap-mschapv2 server-group "MyGroup-MFA" local
    aaa authentication console enable peap-mschapv2 server-group "MyGroup-MFA" local
    aaa authentication ssh login peap-mschapv2 server-group "MyGroup-MFA" local
    aaa authentication ssh enable peap-mschapv2 server-group "MyGroup-MFA" local

    What I have on my 6000 switch running PL.10.13.1000

    radius-server host 10.1.1.1 key plaintext somekeystring auth-type chap
    aaa group server radius MyGroup-MFA
        server 10.1.1.1
    aaa authentication login console group MyGroup-MFA local
    aaa authentication login ssh group MyGroup-MFA local
    aaa radius-attribute group MyGroup-MFA
        nas-id value MyGroupMFA-Switch

    When i connect and enter my password if fails and requests the password again.

    I am at a loss.

    Thanks for any assistance



    ------------------------------
    Steve Brown
    ------------------------------


  • 2.  RE: Aruba 6000 aaa with MFA not working

    EMPLOYEE
    Posted Mar 24, 2024 02:35 AM

    you need authorisation as well, the details are in this link.

    check this video from Airheads Broadcasting



    ------------------------------
    If my post was useful accept solution and/or give kudos.
    Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
    ------------------------------

    Original Message


  • 3.  RE: Aruba 6000 aaa with MFA not working

    Posted Mar 26, 2024 09:05 AM

    Thanks for the pointer - i'll check it out.

    Steve


    Original Message