07-25-2017 04:02 AM - edited 03-11-2019 12:53 AM
When I login to an HPE switch using radius, the switch sends the client IP address along with the authentication request but when I do the same with a Cisco IOS switch (6509 15.1(2)SY6) the client IP isn't there. Is it possible to add this attribute to authenstication request in IOS?
Thanks
07-25-2017 05:01 AM
Have you tried either of the following below - Just ensure the same IP address you use is configured on the actual Radius server.
Global config command and also a radius group command.
UK-SW-1F-01(config-sg-radius)#ip radius source-interface ?
UK-SW-1F-01(config)#ip radius source-interface ?
Auto-Template Auto-Template interface
Capwap Capwap tunnel interface
GigabitEthernet GigabitEthernet IEEE 802.3z
GroupVI Group Virtual interface
InternalInterface Internal Interface
Loopback Loopback interface
Lspvif LSP virtual interface
Null Null interface
Port-channel Ethernet Channel of interfaces
TenGigabitEthernet Ten Gigabit Ethernet
Tunnel Tunnel interface
Vlan Catalyst Vlans
07-25-2017 05:44 AM
That's the NAS address you're referring to, I'm talking about the client IP.
When I ssh into an HPE switch my laptops IP address is included in the authentication request to the radius server but with a cisco switch it doesn't contain my IP address.
07-25-2017 05:51 AM
Ah apologies I misread.
Do you have the following global comman in the switch config -
radius-server attribute 8 include-in-access-req
I can test this later to check also.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide