GS1900-24, 802.1x and local aaa

Options
Christian
Christian Posts: 1
edited August 2022 in Switch
Hi all,

I am trying to set up a GS1900-24 to use 802.1x based on local authentication. When I turn on 802.1x, I am prompted for account name / password (or a certificate) as expected. However, when I enter the correct credentials, my client (MacBook Pro on 10.14.6) times out and does not authenticate.

Neither the logs on the switch nor on the client show anything relevant. 

I tried with the default AAA method alone, and I also tried with other ones AAA methods. I did not find any place where I would have to specify which AAA method should be used for 802.1x (I tried the method name "dot1x" too). 

This must be something very small and trivial -- but I can't find it. Help would be appreciated. 

kind regards,
   Christian. 


#Biz_Sep_2019

All Replies

  • Zyxel_Derrick
    Zyxel_Derrick Posts: 126  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    Options

    When you enable 802.1x and configure the port needs to do authentication, the traffic towards the port will be blocked before passing the auth
    After passing the auth, the traffic can go through
    Normally, 802.1x is cooperated with external server like RADIUS/TACACS+ to do the authentication
    Switch is just a role of forwarder but not a server 
    Then, server will check if it has this account's info and if the password is correct 

    About the AAA auth method, it refers to the method you would like to apply to access switch's web GUI after passing the authentication
    If you configure local, you will use local account to login switch's web GUI
    If you configure RADIUS, you will use RADIUS account to login switch's web GUI
    Therefore, if you want to configure 802.1x, you need an extra server to cooperate with the switch
    Thanks

    Best regards,
    Zyxel_Derrick

Categories

Switch Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)