Welcome to TP-LINK Tech Support Forum
+ Reply to Thread
Results 1 to 9 of 9

Thread: 802.1X again

  1. #1

    802.1X again

    Model : T2600G-52TS

    Hardware Version : Not Clear

    Firmware Version : 2.0.0 Build 20160923 Rel.39814(s)

    ISP : -[/COLOR]

    I wish to deploy 802.1X auth in our network, but no luck. I have followed this guide: http://www.tp-link.com/hu/faq-787.html but not even able to trick the switch to try to authenticate against the radius server. Even the port stays authenticated however I expect it to change:

    Name:  asd.png
Views: 0
Size:  20.5 KB
    Any idea, suggestion... anything?

  2. #2
    I just realised that after the firmware upgrade I have booted the old one. Changing to the latest firmware did not help, still no 802.1X.

  3. #3
    Hahh, progress. Now I can see a MAB column for the port config, and enabling the MAB now I can see the access requests and answers, and enabled the network security/802.1X/VLAN Assignment too. However answering the following:
    (4) Sent Access-Accept Id 49 from 10.34.32.12:1812 to 10.34.32.21:45645 length 0
    (4) Reply-Message = "Device with MAC Address 5C-FF-35-0C-57-67 authorized for network access"
    (4) Tunnel-Type = VLAN
    (4) Tunnel-Medium-Type = IEEE-802
    (4) Tunnel-Private-Group-Id = "2"
    (4) Finished request

    I cannot see the port effected. The VLAN 2 is a blackhole one once a machine is fallen into should not able to ping outside, but it still can. My goal to use RADIUS server to auth and select VLANs for each MAC.

  4. #4
    To continue my monologue:
    - Still cannot get it working.
    - The support sent useless answer (a .jpg crop of the documentation, which was unavailable anyway at the moment) regarding what the MAB/VLAN assigment is. I know what it is, that's why I want it.
    - Meanwhile I have set up a RouterOS hotspot/MAB with the very same RADIUS server, and it is working, so I suppose the RADIUS server configuration is correct.
    - The support cannot answer even the simple questions like "is my (switch) configuration correct?"

    Did anyone ever managed to get help from TP-Link?

  5. #5
    Members TPTHZ is on a distinguished road
    Join Date
    Aug 2017
    Posts
    103
    Did you configured the guest vlan in 802.1x? Guest vlan can't work work with MAB at the same time in TP-LINK managed switch. I have asked them.

  6. #6
    No, the guest network is disabled - fortunately.

  7. #7
    Members TPTHZ is on a distinguished road
    Join Date
    Aug 2017
    Posts
    103
    Quote Originally Posted by fisherhu View Post
    No, the guest network is disabled - fortunately.
    I have not T2600G-52TS,but I have T2600G-28TS. I do the simple test accoridng to the FAQ you said.802.1X function is working well.
    Did you disable the status of port that connect to radius server?
    I suggest you configure port based 802.1X firstly, if every woking well then configure MAB and vlan assign.

  8. #8
    - the 802.x working
    - mab working
    - the vlan assignment not working (seems the switch ignores th Tunnel-Private-Group-Id) attribute.

    Meanwhile the support started to answer to my emails whitin a day, instead 9 days, so I hope it will be clear soon what the problem is.

    Now I have two threads here and the emails and not all in sync so I think I better "close" these ones and focus on the e-mails then provide the solution here once everything is clear.

    Last edited by fisherhu; 08-10-2017 at 17:57.

  9. #9
    Any success? We're currently facing the same issue on a T1600.


 

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Copyright 1996-2017 TP-LINK Technologies Co., Ltd. All rights reserved.