Hello,
I'm trying to build a radius authentication on my EX4200.
So, I installed a Freeradius server and configured 802.1X authentication on the EX4200.
My issue is when I try to authenticate with a computer connected to the EX4200, there is no request send to the radius server.
Following, this is the traceoptions on the EX4200 :
Feb 23 16:22:01 trace_on: Tracing to "/var/log/dot1x" started
Feb 23 16:22:01.785917 esp client start recv job
Feb 23 16:22:01.792882 background dispatch running job esp recv for task ESP Client.128.0.0.1
Feb 23 16:22:01.792941 eswd lib mac auth query
Feb 23 16:22:01.792967 eswd lib Received mac auth query
Feb 23 16:22:01.792989 Fdb query from eswd mac 58:55:ca:25:50:f0 vlan id 3
Feb 23 16:22:01.793026 Mac address 58:55:ca:25:50:f0 on interface ge-0/0/2.0 NOT found in Static list
Feb 23 16:22:01.793056 Authentication check for mac 58:55:ca:25:50:f0 on i/f 65 vlan configured/default returned pending : vid = 0
Feb 23 16:22:01.793080 eswd lib Sending reply for mac authentication
Feb 23 16:22:01.793157 background dispatch running job esp tx queue for task ESP Client.128.0.0.1
Feb 23 16:22:01.794089 esp client Dequeue tx job. Bytes sent 40
Feb 23 16:22:02.099250 esp client start recv job
Feb 23 16:22:02.099402 background dispatch running job esp recv for task ESP Client.128.0.0.1
Not really usefull.
Following, the configuration on my EX4200 :
radius-server {
10.14.1.33 {
port 1812;
secret "$9$2igGiPfz6CuQFu1EyW8VwYgZUik.5z3"; ## SECRET-DATA
source-address 10.11.1.201;
}
}
profile profile1 {
authentication-order radius;
radius {
authentication-server 10.14.1.33;
}
}
dot1x {
traceoptions {
file dot1x;
flag all;
}
authenticator {
interface {
ge-0/0/2.0 {
supplicant multiple;
transmit-period 60;
reauthentication 5;
supplicant-timeout 5;
server-timeout 5;
maximum-requests 5;
}
}
}
}
The EX4200 is abble to join the Radius Server
root# run ping 10.14.1.33
PING 10.14.1.33 (10.14.1.33): 56 data bytes
64 bytes from 10.14.1.33: icmp_seq=0 ttl=62 time=1.732 ms
64 bytes from 10.14.1.33: icmp_seq=1 ttl=62 time=1.425 ms
I tried with OS X and Windows client.
I don't know what is missing to enable request forwarding to the radius server.
Someone has an idea ?
Thanks.