Avaya Support Forums

Avaya Support Forums (http://support.avaya.com/forums/index.php)
-   Avaya Networking Products (http://support.avaya.com/forums/forumdisplay.php?f=25)
-   -   Unable to get ERS 3526 to work with Ignition Server (http://support.avaya.com/forums/showthread.php?t=5416)

ceped2 10-29-2014 01:19 PM

Unable to get ERS 3526 to work with Ignition Server
Does any one have a quick manual on how to and what to configure in a ERS 3526T-PWR so it can Authenticate users in with the Ignition Server?
  • Configured the EAPoL on the 3526
  • Added the Radius
  • Added switch as Authenticator
  • Created a simple access-polcy (that worked with cisco)

I was able to connect the Ignition Server to a Cisco 2960 and on the laptop was able to get the the windows EAPoL window, entered my user and password previously created in the Ignition Server - Internal Users and authenticated correctly. This was done with a few commands in Cisco but my problem is that I try to do the same test with and avaya 3526 I canīt get it to work, had read many manuals but still without success on this, I think this should be easier than Cisco.

bdholmes 11-03-2014 12:48 PM

On my lab 4500 switch I use this config on the users ports:
eapol multihost port 1/1-24 enable eap-mac-max 2 allow-non-eap-enable non-eap-mac-max 2 radius-non-eap-enable non-eap-phone-enable use-radius-assigned-vlan non-eap-use-radius-assigned-vlan eap-packet-mode unicast

How are you configured? Any error message in the switch log?

bdholmes 11-05-2014 07:32 AM

From my 4500's I use this doc which describes how to configure the switch: NN47205-505

reddy93 11-11-2014 06:24 AM

Unable to get ERS 3526 to work with Ignition Server
Hi Ceped2,

Regarding your query about the EAP authentication, below is a sample working EAPOL configuration on ERS3526T-PWR switch.

! *** CORE ***
radius server host x.x.x.x <Radius-Server IP>
radius server host key "nortel" <Key set as nortel on Ignition and the ERS switch>
! *** EAP ***
interface FastEthernet ALL
eapol port 10-20 status auto <Port numbers of the EAPOL clients >
! *** EAP Guest VLAN ***
! *** EAP Fail Open VLAN ***
! *** EAP Voip VLAN ***
eapol enable

Are we looking for a specific EAPOL Authentication mechanism like SHSA, MHMA, MHSA, Guest VLAN, Non-EAP & RADIUS MAC. If yes, would it be possible for you to share the EAPOL module of #show running-configuration output?

Please navigate to the link below for assistance in configuring the Identity Server.
This document still holds valid for the product ERS 3500. Ensure that you select the appropriate settings while configuring the Identity Routing on the Ignition server <Refer to page 22 or 57 in the PDF document>. If you opt for the Default Set setting, make sure you check-in the Identity routing box.

Kindly share your thoughts replying to this thread. You are most welcome for a discussion on this.

Thank you!

ceped2 11-20-2014 06:04 PM

Tried to configure it many ways but no luck, how is it possible that no documentation from Avaya on making this simple configuration.:mad:

ceped2 05-07-2015 03:27 PM

With this type of switches I activated the DHCP Server and this process consumed many resources that is was I was not able to activate the rest of the features needed.

Disables the DHCP Server on the switch and was able to perform the configuration and lastly activated the DHCP.

All times are GMT -7. The time now is 12:27 PM.