11-08-2011 01:35 AM
--->>>So it would be good in the first step to get RAIUS up and running !
In my preview Post, I wrote:
--->>> all that requiered a correct configure RADIUS Server, Port, Secret Password, Vendor Attributes, and Auth-Protocol should be set as CHAP.
AFAIK*, PAP is not supported for RADIUS Config on Brocade Switch in Combination with Windows Server 2008 !
--->>> PAP is supported but not suggested.
11-08-2011 03:07 AM
The last error message Gunter provide was an issue with Connection request Policy.
This has nothing to do with CHAP or PAP nor with suggest or not suggested. It is only about the way how the passwords are encryped.
It is clear that CHAP provides better password protection but in this case some more activities are needed on the RADIUS server which Gunter haven't done jet.
You are welcome to help Gunter with configuration examples of a working RADIUS server.
11-08-2011 03:23 AM
11-08-2011 03:35 AM
Hi Andreas and TechHelp24,
first many thanks for your effort and please excuse the delay
I've now done quite a lot of testing with different configurations. See short Doc attached.
11-08-2011 03:49 AM
--->>> The RADIUS Attribute here is in Vendor Specific only “admin” nothing else.
give a look here
Before adding a VSA, check the list of attributes in the NPS dictionary. If the required VSA is present, use it. If not, you can add the VSA to the settings of the network policy.
11-08-2011 05:47 AM
You have no chassis rights. This should be the reason why you can't run aaaconfig commands.
You should adjust now your RADIUS config.
I thinks you have a problem with your Vendor specific attributes.
The Vendor assigned attribute number does not fit to the correct value name. I can not see how you have set this is your config.
11-08-2011 07:42 AM
I think I don't need Chassis Rights, do I ? There is no VF configuration - sorry my failure.
As Antonio says I have only to study the NPS funktions and configuration - this is my lack, I know.
.. But a Brocade windows server8 NPS RADIUS practical example would be so nice...
I think we can leave it here now. Since I still have to handle other jobs I can perform further tests until next week.
Thanks again to you.