1 Reply Latest reply on Jul 9, 2015 10:33 AM by levi

    How to set up 802.1x authentication?

    comake New Member

      I found documentation on this topic:




      Since I'm using Windows Server 2012, the settings are pretty different. Here's what I've done to try to set this up:


      Installed the NAP service on Windows Server 2012. Configured it for Ethernet and added the Adtran router as a RADIUS client. On the Adtran side, I had it set up to point to the NAP server with the pre-shared key. Then forced telnet (Just as a test) to use RADIUS for authentication. When I try to telnet, it brings up the "username". I did debug aaa and debug radius and here's the output:


      Router#AAA: New Session on portal 'TELNET 0 ('.

      AAA: Session using AUTHENTICATION list 'LoginUseRadius'.

      AAA: Attempting authentication (username/password).

      RADIUS AUTHENTICATION: Sending packet to VRF: -DEFAULT- (1812).

      RADIUS AUTHENTICATION: Waiting on response from server

      RADIUS AUTHENTICATION: Receiving from RADIUS socket

      RADIUS AUTHENTICATION: Response received from server ( VRF: -DEFAULT- l=20

      RADIUS AUTHENTICATION: Received response from VRF: -DEFAULT-.

      AAA: RADIUS authentication failed.

      AAA: Error in method. Moving to next method 'group radius'

      AAA: Closing Session on portal 'TELNET 0 ('.

      is the test PC, is the Adtran router, is the NAP server and is the Domain Controller. I have registered the NAP server in Active Directory and it's added to the Domain.


      Now just in case I missed something and it only works for Port-Auth, I set up the Port Security to use "Auto" for authorization. When I set it up on the PC, it only says "Authentication failed". It doesn't bring up a notification to put in credentials even though I set it up not to use the current credentials.


      Sorry for the long post, but I wanted to try to post as much information as I could think of that you'd need.


      Any help would be greatly appreciated, thank you!