Alex, hеllo there!
Ive builded test environmet for you, so i am using freeradius 2.1.12+dfsg-1.2 (on debian), and switch hp 2650. Ive just repeated your config, and have no problems with this. My test procurve ip 10.0.10.29, test freeradius ip 192.168.2.60.
procurve config:
Running configuration:
; J4899A Configuration Editor; Created on release #H.10.83
hostname "ProCurve Switch 2650"
interface 1
no lacp
exit
interface 2
no lacp
exit
interface 3
no lacp
exit
interface 4
no lacp
exit
interface 5
no lacp
exit
interface 6
no lacp
exit
interface 7
no lacp
exit
interface 8
no lacp
exit
interface 9
no lacp
exit
interface 10
no lacp
exit
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 11-50
ip address dhcp-bootp
no untagged 1-10
exit
vlan 100
name "success"
untagged 1-10
exit
vlan 200
name "fail"
exit
aaa authentication port-access eap-radius
radius-server host 192.168.2.60 key test
aaa port-access authenticator 1-10
aaa port-access authenticator 1 unauth-vid 200
aaa port-access authenticator 2 unauth-vid 200
aaa port-access authenticator 3 unauth-vid 200
aaa port-access authenticator 4 unauth-vid 200
aaa port-access authenticator 5 unauth-vid 200
aaa port-access authenticator 6 unauth-vid 200
aaa port-access authenticator 7 unauth-vid 200
aaa port-access authenticator 8 unauth-vid 200
aaa port-access authenticator 9 unauth-vid 200
aaa port-access authenticator 10 unauth-vid 200
aaa port-access authenticator active
/etc/freeradius/users:
<...>
testuser User-Password := test
Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-Id = "100"
<...>
/etc/freeradius/radiusd.conf:
<...>
client switch {
ipaddr = 10.0.10.29
secret = test
require_message_authenticator = no
nastype = other
}
<...>
And i`ve used this manual, to enable 8021x in windows:
http://windows.microsoft.com/en-us/windows/enable-802-1x-authentication#1TC=windows-7
But, I`ve disabled usage of logged user creds.
So, if user creds are correct, i have this message in /var/log/freeradius/radius.log
tail -f /var/log/freeradius/radius.log
Fri Sep 5 12:54:14 2014 : Auth: Login OK: [testuser/<via Auth-Type = EAP>] (from client switch port 0 via TLS tunnel)
Fri Sep 5 12:54:14 2014 : Auth: Login OK: [testuser/<via Auth-Type = EAP>] (from client switch port 1 cli b4-99-ba-5a-bb-65)
and on my switch ive got:
ProCurve Switch 2650(eth-1)# sh vlans ports 1
Status and Counters - VLAN Information - for ports 1
802.1Q VLAN ID Name Status Voice
-------------- ------------ ------------ -----
100 success Port-based No
If creds are incorrect:
Fri Sep 5 12:56:06 2014 : Auth: Login incorrect: [sasdasd/<via Auth-Type = EAP>] (from client switch port 0 via TLS tunnel)
Fri Sep 5 12:56:06 2014 : Auth: Login incorrect: [sasdasd/<via Auth-Type = EAP>] (from client switch port 1 cli b4-99-ba-5a-bb-65)
ProCurve Switch 2650(eth-1)# sh vlans ports 1
Status and Counters - VLAN Information - for ports 1
802.1Q VLAN ID Name Status Voice
-------------- ------------ ------------ -----
200 fail Port-based No
maybe you havent enabled 8021x in windows? I hope this helps to you man.
Following the steps from here you should be able to reset the password.
1. Connect to the router using a RS-232 cable
2. Connect to the router via HyperTerminal
3. Settings for HyperTerminal = 9600 - 8 - None - 1 Flow Control = None
4. Power cycle the router and right away press the s key continuously until you see the login prompt >
(Starts up with current release but no configuration)
5. You will now have to Delete the previous manager password configuration line described below using the internal text editor.
The editor is invoked with the command:
EDIT filename.cfg (filename is the name of you config file)
Delete the line that states:
set user=manager pass=3af00c6cad11f7ab5db4467b66ce503eff priv=manager
Save and exit editor by pressing the key sequence of Ctrl k x
6. Now, type the command >restart router to reload the original configuration.
The Manager password is now regenerated as "friend"
Best Answer
Probably the baud rate is fixed to something you didn't try. If you can run a telnet or ssh session, you can check the serial console setting with
show console
.You can reset to default settings by