NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Netgear GS108Tv3 Radius Authentication To Ubiquiti USG
I am new negtworking and I am trying to setup a GS108Tv3 Netgear Switch to use the Radius server on a Ubiquiti Secure Gateway(USG). My hope was that anything connecting to my netgear switch will have to authenticate to the usg Radius server and the USG would set VLAN and dish out IP addresses for the device connected to switch. Unfortunatly, I keep getting "AUTHMGR-5-RADIUS_CONN_FAIL sal_authmgr.c(1754) %% Connect to RADIUS server host 192.168.xxx.xxx Fail" in the logs of the switch.
My configuration is: WAN --> USG --> GS108Tv3 --> Device to connect to network. I followed procedure for setting up dynamic VLANs and I am assuming its working because I get a guest VLAN ip address when I don't authenticate. My hope is that any device connected to the ports that I configured for dynamic VLAN would get a web page popping up to authenticate but I don't get anything asking me to put in a password.
Any help or suggestions on if anyone has tried to use the Ubigquiti Radius serer with a netgear switch would be greatly appreciated.
First configure the RADIUS server on the switch, e.g. Security > Management Security > RADIUS > Server Configuration for the RADIUS authentication server.
Then you can enable 802.1x on the switch port - that's all straight forward. However, carefully check the fine documentation on configuring. Don't forget to put the dot.1x authentication list to RADIUS. Security > Management Security -> Authentication List -> Dot.1x Authentication list.
IT_Dad wrote:My hope is that any device connected to the ports that I configured for dynamic VLAN would get a web page popping up to authenticate but I don't get anything asking me to put in a password.
No Web page at all... There must be a 802.1x supplicant on the computer connected and properly configured. Most settings are related to the RADIUS server itself, the switch does only hand over the 802.1x packets to the RADIUS server.
2 Replies
First configure the RADIUS server on the switch, e.g. Security > Management Security > RADIUS > Server Configuration for the RADIUS authentication server.
Then you can enable 802.1x on the switch port - that's all straight forward. However, carefully check the fine documentation on configuring. Don't forget to put the dot.1x authentication list to RADIUS. Security > Management Security -> Authentication List -> Dot.1x Authentication list.
IT_Dad wrote:My hope is that any device connected to the ports that I configured for dynamic VLAN would get a web page popping up to authenticate but I don't get anything asking me to put in a password.
No Web page at all... There must be a 802.1x supplicant on the computer connected and properly configured. Most settings are related to the RADIUS server itself, the switch does only hand over the 802.1x packets to the RADIUS server.
Thanks for the suggestion. You comment about the supplicant made me do ore research and I found out that I had incorrect IP in for Radius server. After changing it I was able to change the VLAN in the switch dynamically based off of mac addresses with the Ubiquiti USG built in Radius server.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
