I am trying to implement 802.1x on snom 710 phone using Windows NPS server running on server 2012 R2
Since Snom 710 only support EAP-MD5 , i had to tweak the registry to allow support for MD5. I enabled 802.1x and entered username & password, but i am still getting Failed notification.
Do you have any documentation on setting 802.1x EAP-MD5 ? What Constraints should i use in NPS server ? Only allow MD5-Challenge , or should i also add EAP(PEAP) to the list?
You're getting failed notifications where? Is the Switch receiving the EAPOL Start from the D710? Is the Windows NPS Server receiving the EAP-Responses for the Access-Request and Access-Challenge from the Switch? Which firmware is on the D710?
I am not sure where i am failing and i am not sure if i configure the NPS correctly. I am also not sure if i need to enter the username with or without the domain name information (should i use domain/username or just username ?)
This is why i am asking for a guide or any other documentation that you have which explain the 802.1x configuration using windows NPS on server 2012 R2 and EAP-MD5 authentication.
BTW - my snom version is - 22.214.171.124
I am also attaching logs i have from the snom.
If you need additional information, i will be happy to provide, just let me know from where should i get it. I have also logs from the Juniper switch:
Jan 3 11:21:12.600237 Port Info is NULL for portnum:0
Jan 3 11:21:12.600267 ASIF: Authenticator handling of Server frame failed
Jan 3 11:21:12.600323 Deleted background job to process replies from authentication client
Jan 3 11:21:12.601937 Task receive function invoked
Jan 3 11:21:12.602107 EAPOL packet received on interface ge-0/0/18.0
Jan 3 11:21:12.602160 Creating background job to process EAPOL frame
Jan 3 11:21:12.602245 Entering background job to process received EAPOL frames rx_frame_node_count=1
Jan 3 11:21:12.602282 Invoking state machine for frame received on interface ge-0/0/18
Jan 3 11:21:12.602313 Received an EAPOL Frame...
Jan 3 11:21:12.602359 Frame is targetted to this machine...
Jan 3 11:21:12.602405 EAPOL Frame Received on Port: 88 !!!
Jan 3 11:21:12.602457 AuthHandleInEapFrame: Received MAC based Eap Frame
Jan 3 11:21:12.602519 AuthSession node with Mac: 4137a-d837 in session AIP DB found !!!
Jan 3 11:21:12.602623 Port: 88 obtained Native Vid: 3
Jan 3 11:21:12.602673 Session Node for MAC: -4137a-d837- Port: 88 obtained ...
Jan 3 11:21:12.602725 ASM Called with Event: RXRESPID, and State: Connecting
Jan 3 11:21:12.602768 for Port: 88, MAC: 4137a - d837
Jan 3 11:21:12.602808 Id: 1, SessionNode: 3b6000
Jan 3 11:21:12.602847 ASM: Inside PnacAuthAsmRxrespConnecting
Jan 3 11:21:12.602902 TMR: Timer is deleted
Jan 3 11:21:12.602948 ASM moved to state: AUTHENTICATING !!
Jan 3 11:21:12.602997 BSM Called with Event: AUTHSTART, and State: Idle
Jan 3 11:21:12.603040 for Port: 88, MAC: 4137a-d837
Jan 3 11:21:12.603081 Id: 1, SessionNode: 3b6000
Jan 3 11:21:12.603141 TMR: Timer is started
Jan 3 11:21:12.603183 BSM moved to state: RESPONSE !!
Jan 3 11:21:12.603232 ASIF: Transferring Server-data to Auth Server for the user, gw-4u\guym.
Jan 3 11:21:12.603295 AuthSession node with Mac: 4137a-d837 in port session AIP DB found !!!
Jan 3 11:21:12.603341 SessId: 8O2.1x812901ed000c1bf5 strlen: 22
Jan 3 11:21:12.603467 Queuing message to auth client to validate mac address 0:4:13:7a:d8:37, user gw-4u\guym on interface ge-0/0/18.0
Jan 3 11:21:12.603562 ASIF: Radius REQUEST_ID: 36
Jan 3 11:21:12.603939 ASIF: Tx of Server-data to Auth Server succeeded
could you please retest your scenario with the newest version 126.96.36.199?