SG3452XP authentication with 802.1X with certificates is not forwarding Access-Challenge packages
SG3452XP authentication with 802.1X with certificates is not forwarding Access-Challenge packages
Hi,
I'm trying to set up this switch for 802.1x authentication against a MS NPS Radius server. The clients should authenticate with auto enrolled user certificates.
The problem is that the switch is not fowarding the Access-Challenge from the radius server to the client.
I captured the following package exchange on the client pc. Additionally, I set the Switch-CPU-Port to be mirrored to the port of the client pc so that I can capture the communication Switch <-> Radius server as well in the same capture session.
Up unitl package 16 everything looks like it should. But after this package the switch doesn't forward the challenge to the client and the client retries to start the authentication process again after some time.
The switch loggs "Client challenge-response timeout." in it's logs.
Is there a way to configure the switch or get a fixed firmware so that it will forward the challenge to the client? Is there something special to configure?
Thanks in advance.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
marfr wrote
Hi @Clive_A ,
could you please post a link to the firmware you mentioned.
Everywhere I searched, I only found the version that's already on the device or firmware for other devices and this doesn't help me.
The switch is still sitting on my desk for evaluation and was turned off for the last weeks. We can't progress further without the fix for this issue.
Best regards
https://support.omadanetworks.com/en/product/sg3452xp/?resourceType=download
- Copy Link
- Report Inappropriate Content
Hi @Clive_A ,
thanks for the link to the global site.
I will test this new version shortly and give feedback if the issue is fixed.
By the way: not all regional sites are up to date. I looked at some sites yesterday and they did not have the new firmware version.
https://support.omadanetworks.com/de/product/sg3452xp/?resourceType=download for example (and my default site I get redirected to because of geo-targeting) still has no new firmware version.
And there's no (at least for me obvious) way to get from a regional site to the global version, just to other regional sites.
Best regards and thanks
- Copy Link
- Report Inappropriate Content
marfr wrote
Hi @Clive_A ,
thanks for the link to the global site.
I will test this new version shortly and give feedback if the issue is fixed.
By the way: not all regional sites are up to date. I looked at some sites yesterday and they did not have the new firmware version.
https://support.omadanetworks.com/de/product/sg3452xp/?resourceType=download for example (and my default site I get redirected to because of geo-targeting) still has no new firmware version.
And there's no (at least for me obvious) way to get from a regional site to the global version, just to other regional sites.
Best regards and thanks
Contact local support regarding the firmware page on the regional website.
Forum team does not maintain the local sites as it is under the maintenance of each support center.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 740
Replies: 13
Voters 0
No one has voted for it yet.