ASRSI

SWITCH FLEXNETWORK 5130 (JG932A)

Hello everyone, I am coming to you because I have a RADIUS authentication problem on my "FLEXNETWORK 5130 (JG932A)" switch.

I must set up RADIUS to guarantee additional security on the interconnection equipment. So I have my RADIUS server (Win2012R2) with the parameters for RADIUS authentication inside, and on the other side my switch with this configuration:
[Val]dis cur
#
version 7.1.045, Release 3111P02
#
sysname Val
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 1
#
lldp global enable
#
password-recovery enable
#
vlan 1
#
vlan 1012
name Admin
#
stp global enable
#
interface NULL0
#
interface Vlan-interface1012
ip address IP.IP.IP.IP MASK.MASK.MASK.MASK
#
interface GigabitEthernet1/0/1
port access vlan 1012
#
interface GigabitEthernet1/0/2
port access vlan 1012
#
interface GigabitEthernet1/0/3
#
interface GigabitEthernet1/0/4
#
interface GigabitEthernet1/0/5
#
interface GigabitEthernet1/0/6
#
interface GigabitEthernet1/0/7
#
interface GigabitEthernet1/0/8
#
interface GigabitEthernet1/0/9
#
interface GigabitEthernet1/0/10
#
interface GigabitEthernet1/0/11
#
interface GigabitEthernet1/0/12
#
interface GigabitEthernet1/0/13
#
interface GigabitEthernet1/0/14
#
interface GigabitEthernet1/0/15
#
interface GigabitEthernet1/0/16
#
interface GigabitEthernet1/0/17
#
interface GigabitEthernet1/0/18
#
interface GigabitEthernet1/0/19
#
interface GigabitEthernet1/0/20
#
interface GigabitEthernet1/0/21
#
interface GigabitEthernet1/0/22
#
interface GigabitEthernet1/0/23
#
interface GigabitEthernet1/0/24
port access vlan 1012
#
interface Ten-GigabitEthernet1/0/25
#
interface Ten-GigabitEthernet1/0/26
#
interface Ten-GigabitEthernet1/0/27
#
interface Ten-GigabitEthernet1/0/28
#
scheduler logfile size 16
#
line class aux
user-role network-admin
#
line class vty
user-role network-operator
#
line aux 0
user-role network-admin
#
line vty 0 63
authentication-mode scheme
user-role network-admin
user-role network-operator
protocol inbound ssh
idle-timeout 30 5
#
ssh server enable
#
radius scheme system
primary authentication IP.IP.IP.IP key cipher izrjoifnzoienhjskdnnjkezj=jzn+ (example key)
primary accounting IP.IP.IP.IP key cipher =+jzejkljnfzpaif)+jzdqnpoi (example key)
key authentication cipher =+ojzpoopo'ikz,nopqkczd,vopzv (example key)
key accounting cipher fiozenfiiopzjcop+,kladp+$ (example key)
user-name-format without-domain
#
domain system
authentication login radius-scheme system
authorization login radius-scheme system
accounting login radius-scheme system
authentication default radius-scheme system local
authorization default radius-scheme system local
accounting default radius-scheme system local
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user val class manage
password hashopzfojzsdocnzvkldnjoviovlnmlviozvopznvnpzvonzkqpoaq,dapoz+andapoi= (example key)
service-type ssh terminal https
authorization-attribute user-role network-ope
authorization-attribute user-role network-admin
authorization-attribute user-role network-level-15
authorization-attribute user-role network-operator
#
ip http enable
ip https enable
#
return
When I try to connect with my session, the logs on the switch are good and I have good access, and on my Windows 2012 R2 server the logs are also good. But the problem is the following: when I log on to a switch over an SSH connection, it closes instantly... and I have no control. Can you help me? Thank you in advance. Val

 

 
