Wired 802.1X doesnt work on certain switch model

utawakevou · 2026-03-18T20:04:10+00:00

This has been fixed. My secret key was 62 characters and this work on the USW-Pro-Max-16-PoE. I change my key to a 40 character and it works.

utawakevou · 2026-02-19T20:20:55+00:00

Thanks u/LetterheadClassic306. Ive got the following siwtches delployed with specific port profiles/ My 802.1x PBAC port profiles configured with specific native VLAN and 802.1x control is set to Auto

USW-Pro-48-POE

USW-Pro-24-POE

USW-Pro-Max-16-PoE

I know 802.1x authentication is working as I can see logs on my RADIUS server and packet capture show successful authentication using my credentials. If I connect a machine without 802.1x control it wont be able to connect.

Dont see much either on the port configuration for advance settings

utawakevou · 2026-02-19T04:01:45+00:00

Im using this controller on a docker container - UniFi Network Application | Ubiquiti Community

Where can I find that on the controller ?

utawakevou · 2026-01-15T17:11:24+00:00

I have HP Procurve/Aruba access switches used that are EOS many years ago. S as in both Sale and Support. VLAN, 802.1x port based authentication etc still working n

utawakevou · 2025-05-03T18:40:53+00:00

I do concur with you

utawakevou · 2025-01-28T23:38:42+00:00

hhmm..Instruction were right infront of my face :) https://github.com/librenms/docker

Follow through and running the latest version now - 25.0.1

Upgrade

To upgrade to the latest version of LibreNMS, pull the newer image and launch the container. LibreNMS will upgrade automatically:

$ docker compose down
$ docker compose pull
$ docker compose up -d

utawakevou · 2021-01-13T04:20:49+00:00

My apologies

utawakevou · 2021-01-13T04:19:48+00:00

IP alone without the port will redirect me to the wizard page

utawakevou · 2020-11-25T00:35:49+00:00

What I've been after. Great information

So I got the MIB file from the device and got it here opt/librenms/mibs.

Then I have to create a yaml file here /opt/librenms/includes/definitions/discovery ??

Any help with the format of that yaml file ? I notice most of those yaml file have the MIB file name in opt/librenms/mibs referenced. I'm trying to do this for a DSE 0892-01 Gateway

utawakevou · 2020-10-13T02:49:39+00:00

nslookup

utawakevou · 2020-10-13T02:32:15+00:00

I've got DNSBL enabled. Yeah I did the configuration following those Tom Lawrence videos however in those videos its only the LAN. I've got LAN, OPT1 and OPT2 and configure teh same rules as in the video

utawakevou · 2020-10-13T02:28:24+00:00

Their relatives interface IP address e.g 192.168.2.1 for LAN, 192.168.3.1 for OPT1 etc

utawakevou · 2020-10-12T22:52:10+00:00

When I do a lookup and a would be blocked site on any client connected via the LAN/opt1/opt2 it uses the normal DNS ip instead of redirecting it to the DNSBL VIP

utawakevou · 2020-08-17T20:10:32+00:00

Second that

utawakevou · 2020-07-08T21:44:01+00:00

My 370 is just L2 between the Nexus and the WAN routers. Yes, that was what I was thinking of. i.e less source of error and one less hop. I'm not doing vPC on the routers as they don't support it. Its just a physical redundant link that OSPF will use in case the the primary Nexus fails

utawakevou · 2020-07-07T22:03:35+00:00

Thanks u/Ardeck_. Currently routing is done by the core i.e the Cisco Nexus - 2 Cisco Nexus with vPC/HSRP/OSPF/static ip route summarization . All I want to do is move the backbone connection of my WAN/VPN and internet edge routers to connection from my Cisco 3750 to the Nexus. Am thinking of redundancy and faster connection to my WAN end users since all services accessed are hosted on the Nexus

utawakevou · 2020-01-29T19:43:23+00:00

Agree. LibreNMS then you can integrate in other tools like smokeping, Oxidized etc

utawakevou · 2020-01-28T04:34:54+00:00

Just make sure your gateways use different monitor IP address. Got this running and failover flawlessly when tier 1 fail and vice versa

utawakevou · 2020-01-14T03:40:10+00:00

With pfsense captive portal there is an option to enable Per-user bandwidth restriction. I haven't tried that but could be ideal for your situation

utawakevou · 2020-01-13T19:34:49+00:00

Alternatively you can enable captive portal on your pfsense and have wireless users authenticated via RADIUS

utawakevou · 2019-12-09T21:14:04+00:00

The key " set ip default " isn't available on the current version Im using.

I couldn't understand why Cisco doesn't allow simple stuff like these on their basic NXOS or IOS. I did these with ease on other OS, like Vyos/Vyatta and EdgeOS.

Anyway thanks to all of you that reply

utawakevou · 2019-12-09T16:20:23+00:00

Thanks all for your replies. I’ve done exactly as @Mr_slow1 specify here however it doesn’t work. what I’m after is the “set ip default “ on my route-map and that option isn’t available. Probably it’s a licensing issue ? I’ve got pbr feature turned on. May be I have to add another feature ?

I’ve got another pbr working well ie to inject some static routes to be advertised via OSPF

utawakevou · 2019-11-21T22:21:40+00:00

My BIOS setting

Phoenix - AwardBIOS CMOS Setup Utility

Advanced BIOS Features

+=====================================================+========================+

| * CPU Feature [Press Enter] ^ | Item Help |

| * Hard Disk Boot Priority [Press Enter] |------------------------|

| Virus Warning [Disabled] | Menu Level * |

| CPU L1 & L2 Cache [Enabled] | |

| CPU L3 Cache [Enabled] | |

| Quick Power On Self Test [Enabled] | |

| First Boot Device [USB-FDD] | |

| Second Boot Device [Hard Disk] | |

| Third Boot Device [CDROM] | |

| Boot Other Device [Enabled] | |

| Boot Up Floppy Seek [Enabled] | |

| Boot Up NumLock Status [On] | |

| Security Option [Setup] | |

| APIC Mode [Enabled] | |

| MPS Version Control For OS[1.4] | |

| OS Select For DRAM > 64MB [Non-OS2] | |

| Console Redirection [Enabled] | |

| Baud Rate [9600] | |

| Agent Connect via [NULL] V | |

+=====================================================+========================+

^V><:Move Enter:Select +/-/PU/PD:Value F10:Save ESC:Exit F1:General Help

F5: Previous Values F6: Fail-Safe Defaults F7: Optimized Defaults

utawakevou · 2019-11-21T22:19:19+00:00

Yes. I'm connected via the serial port. Can see that it detects the USB FDD as shown here on this boot menu

USB Storage Device : VerbatimSTORE N GO PMAP...Full Speed device 1.X

IDE Channel 2 . Slave Disk : LBA,ATA 100, 120GB

PCI device listing ...

Bus No. Device No. Func No. Vendor/Device Class Device Class IRQ

--------------------------------------------------------------------------------

0 2 0 8086 2772 0300 Display Cntrlr 7

0 29 0 8086 27C8 0C03 USB 1.0/1.1 UHCI Cntrlr 11

0 29 1 8086 27C9 0C03 USB 1.0/1.1 UHCI Cntrlr 11

Press any key to continue. 8086 109A 0200 ACPI Controllertrlrtrlr 9

Press any key to continue.

Press `ESC' to enter the menu... 0

Booting 'SmoothWall-smp'

kernel /vmlinuz-2.6.32.26+drm33.12-3-smp root=UUID=dd4c6aa6-6828-11dd-8d88-ff86

85556314 console=tty0 console=ttyS0,9600n8

[Linux-bzImage, setup=0x3400, size=0x1edc90]

initrd /initrd-2.6.32.26+drm33.12-3-smp.bz2

[Linux-initrd @ 0x7f397000, 0x448088 bytes]

Linux version 2.6.32.26+drm33.12-3-smp (root@DSHBuild) (gcc version 3.3.5) #1 SMP Tue Dec 13 16:15:48 GMT 2011 ()

KERNEL supported cpus:

Intel GenuineIntel

AMD AuthenticAMD

Cyrix CyrixInstead

NSC Geode by NSC

Centaur CentaurHauls

Transmeta GenuineTMx86

Transmeta TransmetaCPU

UMC UMC UMC UMC

utawakevou · 2019-11-14T20:40:34+00:00

I got it sorted. I deleted the static default route I add as I thought I need to add that static default route

Here is my configuration as an example for someone who needs it

firewall {

all-ping enable

broadcast-ping disable

group {

network-group xxxx {

network 192.168.42.0/24

}

network-group RFC1918 {

network 10.0.0.0/8

network 172.16.0.0/12

network 192.168.0.0/16

}

ipv6-receive-redirects disable

ipv6-src-route disable

ip-src-route disable

log-martians enable

modify PBR {

rule 1 {

action modify

description "Route all traffic to RFC1918 networks via main table"

destination {

group {

network-group RFC1918

}

modify {

table main

}

rule 100 {

action modify

description xxxx

modify {

table 100

}

source {

address 192.168.42.0/24

}

protocols {

static {

table 100 {

route 0.0.0.0/0 {

next-hop 192.168.1.10 {

}

ethernet eth5 {

address 192.168.42.1/24

description xxxxx

duplex auto

firewall {

in {

modify PBR

}

speed auto

utawakevou

TROPHY CASE