How can we help you today?
Start a new topic

Enable 802.1X on snom 710 with MD5

Hi, 


I am trying to implement 802.1x on snom 710 phone using Windows NPS server running on server 2012 R2 


Since Snom 710 only support EAP-MD5 , i had to tweak the registry to allow support for MD5. I enabled 802.1x and entered username & password, but i am still getting Failed notification. 


Do you have any documentation on setting 802.1x EAP-MD5 ? What Constraints should i use in NPS server ? Only allow MD5-Challenge , or should i also add EAP(PEAP) to the list?


image



image



Guy,


You're getting failed notifications where? Is the Switch receiving the EAPOL Start from the D710? Is the Windows NPS Server receiving the EAP-Responses for the Access-Request and Access-Challenge from the Switch? Which firmware is on the D710?


Regards,



Snom Support

Hello, 


I am not sure where i am failing and i am not sure if i configure the NPS correctly. I am also not sure if i need to enter the username with or without the domain name information (should i use domain/username or just username ?)


This is why i am asking for a guide or any other documentation that you have which explain the 802.1x configuration using windows NPS on server 2012 R2 and EAP-MD5 authentication.


BTW - my snom version is -  8.7.5.35


I am also attaching logs i have from the snom. 


If you need additional information, i will be happy to provide, just let me know from where should i get it. I have also logs from the Juniper switch: 

Jan 3 11:21:12.600237 Port Info is NULL for portnum:0

Jan 3 11:21:12.600267 ASIF: Authenticator handling of Server frame failed

Jan 3 11:21:12.600323 Deleted background job to process replies from authentication client

Jan 3 11:21:12.601937 Task receive function invoked

Jan 3 11:21:12.602107 EAPOL packet received on interface ge-0/0/18.0

Jan 3 11:21:12.602160 Creating background job to process EAPOL frame

Jan 3 11:21:12.602245 Entering background job to process received EAPOL frames rx_frame_node_count=1

Jan 3 11:21:12.602282 Invoking state machine for frame received on interface ge-0/0/18

Jan 3 11:21:12.602313 Received an EAPOL Frame...

Jan 3 11:21:12.602359 Frame is targetted to this machine...

Jan 3 11:21:12.602405 EAPOL Frame Received on Port: 88 !!!

Jan 3 11:21:12.602457 AuthHandleInEapFrame: Received MAC based Eap Frame

Jan 3 11:21:12.602519 AuthSession node with Mac: 4137a-d837 in session AIP DB found !!!

Jan 3 11:21:12.602623 Port: 88 obtained Native Vid: 3

Jan 3 11:21:12.602673 Session Node for MAC: -4137a-d837- Port: 88 obtained ...

Jan 3 11:21:12.602725 ASM Called with Event: RXRESPID, and State: Connecting

Jan 3 11:21:12.602768 for Port: 88, MAC: 4137a - d837

Jan 3 11:21:12.602808 Id: 1, SessionNode: 3b6000

Jan 3 11:21:12.602847 ASM: Inside PnacAuthAsmRxrespConnecting

Jan 3 11:21:12.602902 TMR: Timer is deleted

Jan 3 11:21:12.602948 ASM moved to state: AUTHENTICATING !!

Jan 3 11:21:12.602997 BSM Called with Event: AUTHSTART, and State: Idle

Jan 3 11:21:12.603040 for Port: 88, MAC: 4137a-d837

Jan 3 11:21:12.603081 Id: 1, SessionNode: 3b6000

Jan 3 11:21:12.603141 TMR: Timer is started

Jan 3 11:21:12.603183 BSM moved to state: RESPONSE !!

Jan 3 11:21:12.603232 ASIF: Transferring Server-data to Auth Server for the user, gw-4u\guym.

Jan 3 11:21:12.603295 AuthSession node with Mac: 4137a-d837 in port session AIP DB found !!!

Jan 3 11:21:12.603341 SessId: 8O2.1x812901ed000c1bf5 strlen: 22

Jan 3 11:21:12.603467 Queuing message to auth client to validate mac address 0:4:13:7a:d8:37, user gw-4u\guym on interface ge-0/0/18.0

Jan 3 11:21:12.603562 ASIF: Radius REQUEST_ID: 36

Jan 3 11:21:12.603939 ASIF: Tx of Server-data to Auth Server succeeded


txt
(95.3 KB)

Dear Guy,



could you please retest your scenario with the newest version 8.9.3.80?
  

  http://wiki.snom.com/Firmware/V8_9_3_80



Thanks
Norman

Login or Signup to post a comment