Knowledge Base

Switch 1910 series MAC authentication with Windows RADIUS server

Scenario

Switch 1910 series supports MAC-Authentication for clients. When a client connects to the switch, switch uses the client's MAC as username/password to authenticate with configured RADIUS server.

Step

1. Enable AAA in Configuration->Security->AAA

Type the IP-Address of your RADIUS server and your Secret.

 

 

 

 

2. Enable 802.1X Port-Authentication in Configuration->Security->Network->NAS

Set the Mode to Enabled, and set a port to use MAC-Based Auth.

 

 

 

 

3. Switch uses client’s MAC address as Username and Password for authentication with RADIUS in LOWER CASE.

 

If you use Windows Server as RADIUS and has an AD, you must set “Store password using reversible encryption”. This setting will not take effect until the account’s password is changed.

 

 

 

 

You can also edit the default domain policy and then you won’t need to change the user’s reversible password setting one-by-one.

 

Verification

Connect a computer whose MAC has been added as an account in the Windows RADIUS server to the switch.

If the authentication fails, the switch should show 0 auth / 1 unauth as in the following figure.

 

 

 

 

If it's successfully authenticated, it will show 1 auth/ 0 unauth as the following:

 



YES NO

Please leave your comment:

SUBMIT

Question Profile

LANGUAGE:
ARTICLE ID:002789
TYPE:Application / Configuration Example
FIRMWARE:any
VIEWS:3522
VOTES:1
TECHNOLOGY:
MODEL:GS1910-24,GS1910-24HP,GS1910-48 (view more model name)

Still have trouble with your device? Contact Zyxel technology support team directly!

Contact Zyxel Support