Re: UAC Integration with Huawei Switches

smagra_complus_ · ‎11-19-2008

Hi guys,

We are configuring 2 IC 6500 2.2 R3 (the latest release) with switches 802.1X from Cisco and Huawei vendors. The switch Cisco worked fine, but we cannot make the switch Huawei work.

We saw that the config steps of the Huawei is almost the same that the 3Com swichtes.

We saw that the authentication (Active directory user) is passing and also the host checker policy. The problem is that the switch port is not opened, therefore the machine cannot acess the Network.

Do you experience an installation with Huawei (or 3com) Switches?

It is necessary to send some attribute from the IC?

It is necessary to upload the Huawei (or 3Com) Radius dictionary in order to make it work?

Thanks in advance

Best regards

Sergio Magra

GuyDavies_ · ‎11-19-2008

Hi Sergio,

I'm afraid I don't have any direct experience of the Huawei or 3Com switches, but the Trapeze Networks switches (some of which were OEMed by 3Com) use the same authorization parameters that most L2 switches use to identify the behaviour of the port.

IIRC, it's something like Tunnel-Medium-Type (6 = IEEE-802), Tunnel-Type (13 = VLAN) and Tunnel-Private-ID, which is used to carry the VLAN tag.

If there is any logging on the Huawei, try turning on logging of AAA authorization. That may also give you a hint as to what it believes is missing.

Hope that helps,

Rgds,

Guy

PeteF_ · ‎04-30-2009

Is this still an issue for you? I have recently worked on a UAC deployment with 3Com switches. We did have to use a 3Com dictionary file. Are you trying to assign a vlan? Are you using EAP-TTLS or EAP-PEAP? What are the switch models that you are trying to use? Believe it or not, they are not all the same.

Can you post the switch config and radius attributes that you are returning from the IC?

Arcor_ · ‎05-11-2010

Where did you find the huawei dictionary?