we configured the HP 5500 EI Switch with required dot1x configuration and the same with the Juniper NAC solution IC 6000
we configured the IC 6000 with preconfigured hp procurve dictionary ( we suspect it require a new dictionary file for HPN 5500 as it is different series )
the issue when user authenticating the switch forward the dot1x authentication to the Juniper and we can acknowledge on the IC 6000 however it didnÍt reply with authentication acceptance .
Any one has experience same, and any way to solve this issue.
Hi Matif J,
Hope you have added IC as radius server in HP switch and HP switch as radius client in IC device. Also ensure that you have
right dot1x EAP protocols enabled. Mostly this might be an issue.
Please check IC user access log, event log and SBR troubleshooting log on the IC device to identify the reason for failure.
Only with the log snippet information, we can find the issue. If you want immediate fix, I recommend you to open a case with JTAC support with the above mentioned logs.
Authentication should pass with any standard or old HP dictionary that you are using.
Only for authorization you will have to use correct dictionary files.
Issue you are experiencing should not be a problem with dictionary.
As told by others, you will have to check your basic configuration like IP-Address, Shared-Secret, EAP protocols, certificates etc.. Logs/packet capture should help here.