Reset Search
 

 

Article

How to configure Mac-based Netlogin with Radius on EXOS

« Go Back

Information

 
TitleHow to configure Mac-based Netlogin with Radius on EXOS
Objective
Configure Mac-based Netlogin using Radius.
Environment
  • EXOS
  • Summit
  • BlackDiamond
  • Windows Server 2013
Procedure
Type the following commands in EXOS with default configuration that has IP connectivity to the radius server.

Netlogin Configuration:
  • create vlan nt_login
  • configure netlogin vlan nt_login
  • enable netlogin mac
  • configure netlogin mac authentication database-order radius
  • configure netlogin add mac-list default
Note: You may see a warning message at this point that the port does not have Netlogin enabled.
  • enable netlogin ports <port_number> mac
  • configure netlogin ports <port_number> mode port-based-vlans
Switch Radius configuration:
  • configure radius netlogin primary server <radius server IP> client-ip <source IP for radius request from switch>
  • configure radius netlogin primary shared-secret <secret>
  • enable radius netlogin
Windows server 2013 NPS configuration:
  1. The radius client In the NPS server is used to allow devices to send radius authentication request to the server.  Make sure you use the same shared secret configured on the switch.  The Radius client IP needs to encompass the switch client IP configured earlier.
User-added image
  1. In the NPS settings window click on policies.  Create a Network policy to allow MAC authentication connections that uses PAP.
User-added image
  1. Add the group that your MAC users are in to the NPS policy.
User-added image
Additional notes
You will need to remove the password complexity on Windows Server 2013 in order to use a MAC address as a password.

How to add a MAC address as a user in Windows Server:

Example MAC: 11-22-33-44-55-66 or 11:22:33:44:55:66
Netlogin server User:112233445566
Netlogin server Password: 112233445566

Related Articles:
How to configure Mac-based Netlogin with the local database
How to configure 802.1x based Netlogin with Radius

REF related Hub thread: 
https://community.extremenetworks.com/extreme/topics/assign-vlan-on-mac-netlogin-with-freeradius​

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255