Reset Search
 

 

Article

XOS Switches fail MAC authentication and SecureStack B or C Series pass

« Go Back

Information

 
TitleXOS Switches fail MAC authentication and SecureStack B or C Series pass
Symptoms
XOS Fails mac-authentication
B, C, G Series switches pass mac authentication
Environment
NAC
Access Control
 
Cause
 B, C, D, G SecureStack Series switches uses a mac authentication password of NOPASSWORD
The XOS devices uses the mac-address as the password by default
Resolution
Most customers automatically authenticate mac-authentications without checking passwords or credentials by the setting. See the below, in this configuration the Authenticate Request Locally for is UNCHECKED. This means it will run through the Authentication rules below. In this case, it will hit the last one for Local Authentication.
User-added image
So it will use the below settings for local authentication
User-added image

However, for customers that do want to check mac-authentications either locally or on the backend for the username and/or password, we can alter the default password on the XOS devices to match the SecureStack Settings.

configure netlogin add mac-list default NOPASSWORD



 
Additional notes
Default Securestack radius.log from NAC appliance

2019-08-01 18:02:46,424: Debug: (260)   User-Name = "00-6D-04-00-94-B5"
2019-08-01 18:02:46,424: Debug: (260)   Service-Type = Framed-User
2019-08-01 18:02:46,424: Debug: (260)   Called-Station-Id = "00-B3-99-A2-E6-EE"
2019-08-01 18:02:46,424: Debug: (260)   Calling-Station-Id = "00-6D-04-00-94-B5"
2019-08-01 18:02:46,424: Debug: (260)   NAS-Identifier = "X-B5"
2019-08-01 18:02:46,424: Debug: (260)   NAS-IP-Address = 1.2.3.4
2019-08-01 18:02:46,425: Debug: (260)   NAS-Port = 114
2019-08-01 18:02:46,425: Debug: (260)   NAS-Port-Type = Ethernet
2019-08-01 18:02:46,425: Debug: (260)   NAS-Port-Id = "ge.3.10"
2019-08-01 18:02:46,425: Debug: (260)   User-Password = "NOPASSWORD"


----
XOS 
2019-09-11 13:21:52,472: Debug: (202)   User-Name = "00004C68197D"
2019-09-11 13:21:52,472: Debug: (202)   User-Password = "0000C68197D"
2019-09-11 13:21:52,472: Debug: (202)   NAS-IP-Address = 172.16.0.22
2019-09-11 13:21:52,472: Debug: (202)   Called-Station-Id = "00-00-96-b4-28-a2"
2019-09-11 13:21:52,472: Debug: (202)   NAS-Identifier = "X450"
2019-09-11 13:21:52,472: Debug: (202)   NAS-Port = 1004
2019-09-11 13:21:52,472: Debug: (202)   NAS-Port-Type = Ethernet
2019-09-11 13:21:52,472: Debug: (202)   Service-Type = Framed-User
2019-09-11 13:21:52,472: Debug: (202)   Framed-MTU = 1300
2019-09-11 13:21:52,472: Debug: (202)   Calling-Station-Id = "00-00-4C-68-19-7D"



 

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255