I'm trying to set up 802.1X on HPE 1950 (JG961A), but it's not working. I tried to set up 802.1X on the HPE 1950 according to pages 122-124 of the user guide (http://h20565.www2.hpe.com/hpsc/doc/public/display?sp4ts.oid=7399488&docLocale=en_US&docId=emr_na-c04657809).
I set up a radius profile with accounting for our existing radius server (Windows Server 2012). I created an ISP domain for LAN access called lan and configured it to use the radius profile for authentication, authorization, and accounting. I enabled 802.1X and configured it for MAC-based control on one interface (GE1/0/2) for testing. The lan ISP domain is set as the mandatory domain for the port.
When I set 802.1X on GE1/0/2 to Automatic, I cannot get LAN access. The policy on the radius server allows Windows credentials and/or machine-based certificate for testing, but I don't get prompted for any form of authentication. The computer that I am using for testing has the appropriate certificate installed. The HPE 1950 is configured as a client with the correct IP address on the radius server.
The radius logs on the radius server do not show any events regarding the HPE 1950 switch or 802.1X authentication. I suspect that the authentication request is not being forwarded to the radius server properly and that the request eventually times out.
Does anyone know what is wrong?
A sanitized version of the switch config is below.
#
 version 7.1.045, Release 3113P05
#
 sysname REDACTED
#
 clock timezone Saskatchewan minus 06:00:00
 clock protocol ntp
#
 irf mac-address persistent timer
 irf auto-update enable
 undo irf link-delay
 irf member 1 priority 1
#
 dot1x
 dot1x authentication-method eap
 dot1x domain-delimiter @\\
#
 dns server REDACTED
 dns server REDACTED
 dns server REDACTED
#
 transceiver phony-alarm-disable
 password-recovery enable
#
vlan 1
#
vlan 3
 description REDACTED
#
vlan 6
 description REDACTED
#
traffic classifier WebVlan_6_0_0 operator or
#
traffic classifier WebVlan_6_1_0 operator or
#
traffic behavior WebVlan_6_0_0
 remark dot1p 6
#
traffic behavior WebVlan_6_1_0
 remark dot1p 6
#
qos policy WebVlan_6_0
 classifier WebVlan_6_0_0 behavior WebVlan_6_0_0
#
qos policy WebVlan_6_1
 classifier WebVlan_6_1_0 behavior WebVlan_6_1_0
#
interface Bridge-Aggregation1
 port link-type trunk
 undo port trunk permit vlan 1
 port trunk permit vlan 3 6
 port trunk pvid vlan 3
 link-aggregation mode dynamic
#
interface NULL0
#
interface Vlan-interface1
#
interface Vlan-interface3
 ip address REDACTED
#
interface Vlan-interface6
 ip address REDACTED
#
interface GigabitEthernet1/0/1
 port access vlan 3
#
interface GigabitEthernet1/0/2
 port access vlan 3
 dot1x
 dot1x mandatory-domain lan
 dot1x unicast-trigger
 dot1x smarton
#
interface GigabitEthernet1/0/3
 port access vlan 3
#
interface GigabitEthernet1/0/4
 port access vlan 3
#
interface GigabitEthernet1/0/5
 port access vlan 3
#
interface GigabitEthernet1/0/6
 port access vlan 3
#
interface GigabitEthernet1/0/7
 port access vlan 3
#
interface GigabitEthernet1/0/8
 port access vlan 3
#
interface GigabitEthernet1/0/9
 port access vlan 3
#
interface GigabitEthernet1/0/10
 port access vlan 3
#
interface GigabitEthernet1/0/11
 port access vlan 3
#
interface GigabitEthernet1/0/12
 port access vlan 3
#
interface GigabitEthernet1/0/13
 port access vlan 3
#
interface GigabitEthernet1/0/14
 port access vlan 3
#
interface GigabitEthernet1/0/15
 port access vlan 3
#
interface GigabitEthernet1/0/16
 port access vlan 3
#
interface GigabitEthernet1/0/17
 port access vlan 3
#
interface GigabitEthernet1/0/18
 port access vlan 3
#
interface GigabitEthernet1/0/19
 port access vlan 3
#
interface GigabitEthernet1/0/20
 port access vlan 3
#
interface GigabitEthernet1/0/21
 port access vlan 3
#
interface GigabitEthernet1/0/22
 port access vlan 3
#
interface GigabitEthernet1/0/23
 port access vlan 3
#
interface GigabitEthernet1/0/24
 port access vlan 3
#
interface GigabitEthernet1/0/25
 port access vlan 3
#
interface GigabitEthernet1/0/26
 port access vlan 3
#
interface GigabitEthernet1/0/27
 port access vlan 3
#
interface GigabitEthernet1/0/28
 port access vlan 3
#
interface GigabitEthernet1/0/29
 port access vlan 3
#
interface GigabitEthernet1/0/30
 port access vlan 3
#
interface GigabitEthernet1/0/31
 port access vlan 3
#
interface GigabitEthernet1/0/32
 port access vlan 3
#
interface GigabitEthernet1/0/33
 port access vlan 3
#
interface GigabitEthernet1/0/34
 port access vlan 3
#
interface GigabitEthernet1/0/35
 port access vlan 3
#
interface GigabitEthernet1/0/36
 port access vlan 3
#
interface GigabitEthernet1/0/37
 port access vlan 3
#
interface GigabitEthernet1/0/38
 port access vlan 3
#
interface GigabitEthernet1/0/39
 port access vlan 3
#
interface GigabitEthernet1/0/40
 port access vlan 3
#
interface GigabitEthernet1/0/41
 port access vlan 3
#
interface GigabitEthernet1/0/42
 port access vlan 3
#
interface GigabitEthernet1/0/43
 port access vlan 3
#
interface GigabitEthernet1/0/44
 port access vlan 3
#
interface GigabitEthernet1/0/45
 port access vlan 3
#
interface GigabitEthernet1/0/46
 port access vlan 3
#
interface GigabitEthernet1/0/47
 port link-type trunk
 undo port trunk permit vlan 1
 port trunk permit vlan 3 6
 port trunk pvid vlan 3
 port link-aggregation group 1
#
interface GigabitEthernet1/0/48
 port link-type trunk
 undo port trunk permit vlan 1
 port trunk permit vlan 3 6
 port trunk pvid vlan 3
 port link-aggregation group 1
#
interface Ten-GigabitEthernet1/0/49
 port access vlan 3
#
interface Ten-GigabitEthernet1/0/50
 port access vlan 3
#
interface Ten-GigabitEthernet1/0/51
 port access vlan 3
#
interface Ten-GigabitEthernet1/0/52
 port access vlan 3
#
 scheduler logfile size 16
#
line class aux
 authentication-mode scheme
 user-role network-admin
#
line class vty
 authentication-mode scheme
 user-role network-operator
#
line aux 0
 user-role network-admin
#
line vty 0 63
 user-role network-operator
#
 ip route-static 0.0.0.0 0 REDACTED
#
 info-center loghost REDACTED
#
 snmp-agent
 snmp-agent local-engineid REDACTED
 snmp-agent community read REDACTED
 snmp-agent community write REDACTED
 snmp-agent sys-info location REDACTED
 snmp-agent sys-info version REDACTED
#
 qos vlan-policy WebVlan_6_0 vlan 6 inbound
#
 ntp-service enable
 ntp-service unicast-peer REDACTED
 ntp-service unicast-peer REDACTED
 ntp-service unicast-peer REDACTED
 ntp-service unicast-peer REDACTED
#
radius scheme radius
 primary authentication RADIUS IP key cipher REDACTED
 primary accounting RADIUS IP key cipher REDACTED
 key authentication cipher REDACTED
 key accounting cipher REDACTED
 user-name-format keep-original
 nas-ip SWITCH IP
#
domain lan
 authentication lan-access radius-scheme radius
 authorization lan-access radius-scheme radius
 accounting lan-access radius-scheme radius
#
domain system
#
 domain default enable system
#
role name level-0
 description Predefined level-0 role
#
role name level-1
 description Predefined level-1 role
#
role name level-2
 description Predefined level-2 role
#
role name level-3
 description Predefined level-3 role
#
role name level-4
 description Predefined level-4 role
#
role name level-5
 description Predefined level-5 role
#
role name level-6
 description Predefined level-6 role
#
role name level-7
 description Predefined level-7 role
#
role name level-8
 description Predefined level-8 role
#
role name level-9
 description Predefined level-9 role
#
role name level-10
 description Predefined level-10 role
#
role name level-11
 description Predefined level-11 role
#
role name level-12
 description Predefined level-12 role
#
role name level-13
 description Predefined level-13 role
#
role name level-14
 description Predefined level-14 role
#
user-group system
#
local-user REDACTED class manage
 password hash REDACTED
 service-type REDACTED
 authorization-attribute user-role network-admin
 authorization-attribute user-role network-operator
#
 ip https enable
#
return
#
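The setup described in the post chains three objects together: the dot1x-enabled port names a mandatory ISP domain, the domain names a RADIUS scheme for each of authentication, authorization and accounting, and the scheme names the servers. A typo at any link in that chain leaves the port with nothing to forward requests to, which looks exactly like "no events on the RADIUS server". The script below is an added example (not the poster's own tooling and not anything shipped by HPE) that parses the `#`-separated stanzas of a Comware 7 running-config and reports dangling references along that chain. It assumes the stanza layout shown in the post (column-0 headers such as `interface`, `domain`, `radius scheme`, with their commands indented by one space, and global commands indented under a bare `#`). The embedded sample is a constructed trim of the posted config with documentation-range addresses (192.0.2.x) in place of the redacted values.

```python
"""Consistency check for the dot1x -> ISP domain -> RADIUS scheme chain in a
Comware 7 (HPE 1950) running-config. Added example, not HPE tooling."""
import re

# Constructed sample: the 802.1X-relevant stanzas of the posted config, with
# made-up 192.0.2.x addresses standing in for the redacted ones.
SAMPLE_CONFIG = """\
#
 dot1x
 dot1x authentication-method eap
#
interface GigabitEthernet1/0/2
 port access vlan 3
 dot1x
 dot1x mandatory-domain lan
 dot1x unicast-trigger
#
interface GigabitEthernet1/0/3
 port access vlan 3
#
radius scheme radius
 primary authentication 192.0.2.10 key cipher REDACTED
 primary accounting 192.0.2.10 key cipher REDACTED
 user-name-format keep-original
 nas-ip 192.0.2.1
#
domain lan
 authentication lan-access radius-scheme radius
 authorization lan-access radius-scheme radius
 accounting lan-access radius-scheme radius
#
domain system
#
 domain default enable system
#
"""

SERVICES = ("authentication", "authorization", "accounting")


def parse_stanzas(text):
    """Split a Comware config into (header, [commands]) pairs. Column-0 lines
    are stanza headers; indented lines belong to the current header, or are
    global commands (header None) when they follow a bare '#'."""
    stanzas, header, cmds = [], None, []
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line:
            continue
        if line.startswith("#") or not line.startswith(" "):
            if header is not None or cmds:
                stanzas.append((header, cmds))
            header, cmds = (None if line.startswith("#") else line.strip()), []
        else:
            cmds.append(line.strip())
    if header is not None or cmds:
        stanzas.append((header, cmds))
    return stanzas


def build_model(text):
    """Collect global dot1x state, RADIUS schemes (which server types they
    define), ISP domains (scheme per service) and dot1x-enabled ports."""
    m = {"global_dot1x": False, "default_domain": None,
         "schemes": {}, "domains": {}, "ports": {}}
    for header, cmds in parse_stanzas(text):
        if header is None:
            for c in cmds:
                if c == "dot1x":
                    m["global_dot1x"] = True
                elif c.startswith("domain default enable "):
                    m["default_domain"] = c.split()[-1]
        elif header.startswith("radius scheme "):
            servers = {"authentication": False, "accounting": False}
            for c in cmds:
                hit = re.match(r"(primary|secondary) (authentication|accounting) ", c)
                if hit:
                    servers[hit.group(2)] = True
            m["schemes"][header.split(None, 2)[2]] = servers
        elif header.startswith("domain "):
            methods = {}
            for c in cmds:
                hit = re.match(r"(\w+) lan-access radius-scheme (\S+)", c)
                if hit and hit.group(1) in SERVICES:
                    methods[hit.group(1)] = hit.group(2)
            m["domains"][header.split()[1]] = methods
        elif header.startswith("interface ") and "dot1x" in cmds:
            # Port-level dot1x: record the mandatory domain, if one is set.
            domain = next((c.split()[-1] for c in cmds
                           if c.startswith("dot1x mandatory-domain ")), None)
            m["ports"][header.split()[1]] = domain
    return m


def audit(text):
    """Return a list of findings; an empty list means the chain is intact."""
    m = build_model(text)
    findings = []
    if m["ports"] and not m["global_dot1x"]:
        findings.append("dot1x is not enabled globally; per-port dot1x has no effect")
    for port, wanted in m["ports"].items():
        domain = wanted or m["default_domain"]
        if domain is None:
            findings.append(f"{port}: no mandatory domain and no default domain")
            continue
        methods = m["domains"].get(domain)
        if methods is None:
            findings.append(f"{port}: domain '{domain}' is not defined")
            continue
        for svc in SERVICES:
            scheme = methods.get(svc)
            if scheme is None:
                findings.append(f"{port}: domain '{domain}' has no explicit "
                                f"lan-access {svc} method (device default applies)")
            elif scheme not in m["schemes"]:
                findings.append(f"{port}: domain '{domain}' references "
                                f"undefined radius scheme '{scheme}'")
            elif svc != "authorization" and not m["schemes"][scheme][svc]:
                findings.append(f"{port}: radius scheme '{scheme}' has no {svc} server")
    return findings


if __name__ == "__main__":
    for line in audit(SAMPLE_CONFIG) or ["no inconsistencies found"]:
        print(line)
```

Run against the sample, the posted stanzas come back clean: global `dot1x` is on, GigabitEthernet1/0/2 points at domain `lan`, `lan` points at scheme `radius` for all three services, and the scheme has both an authentication and an accounting server. Renaming the scheme (for example to `nps`) without updating the domain produces three "undefined radius scheme" findings, one per service. The check only covers what the config text can show; whether the Access-Request actually leaves the switch and is accepted by the server's NAS client entry is a question for the switch's RADIUS debugging output and the server's own logs, not for this script.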