802.1x auth problem between HP Aruba 2530 and FortiAuthenticator
I have encountered with problem that concerns auth problem between HP Aruba 2530-48G switch and FAC.
The scheme is:
We have Active Directory integrated in FAC, one of the AD threads has been imported to the FAC. Switch has been configured with commands:
Switch HP Aruba 2530-48G RADIUS configuration:radius-server host 10.1.245.66 key <radius key>aaa authentication port-access eap-radiusaaa port-access authenticator 10aaa port-access authenticator 10 client-limit 1aaa port-access authenticator active
From the FAC side the next things have been configured:
1) Added Client (Switch IP address) + shared secret for radius connect.
2) Created User Group as Remote LDAP type and there was assigned some RADIUS attributes under it like Tunnel-type - VLAN, Tunnel-Medium-Type - IEEE-802 and Tunnel-Private-Group-ID - <vlan number's here>
3) Created Policy (RADIUS Clients -> Added prior created client (switch ip), RADIUS Attribure criteria -> tumbler is off, Authentication type -> Password/OTP, Accept EAP, Accept PEAP tubler's turned on, IDENTITY Source -> AD realm's used, authentication factors -> Every configured password/OTP).
After that, I've configured Windows 10 PC network Ethernet to use 802.1x authentication and when I provide Active Directory user's credentials - the authentication is failed and FAC logs show me info from screenshot. Any idea?