Aruba Instant & Cloud Wi-Fi

Reply
Occasional Contributor I
Posts: 5
Registered: ‎01-06-2014

RADIUS works... Sometimes

We recently put 3 iAP's into production.  We have a Guest SSID with internal accounting, and an Employee one (pretty standard issue).  Employee is authenticated by a RADIUS server with NPS on a Windows Server 2008 R2 machine.

 

Where I'm having the issue, is several clients intermittently can't connect with their AD accounts to the Employee SSID.

 

RADIUS_Alert.png

 

The above image shows some alerts that keep popping up.  Strange thing is, sometimes there's no issue connecting, and others, whatever the device, requires several attempts.

 

The event logs on the RADIUS server don't indicate any issues (especially since the alerts specify 'no response'/connection failure).

 

So firewall or blocking software on the RADIUS server.

 

I'm not sure why they aren't talking consistently.  The fact that it's intermittent is a little strange to me.

 

Has anyone seen this before?  Any ideas?

 

Thanks in advance!

Aruba Employee
Posts: 201
Registered: ‎07-14-2013

Re: RADIUS works... Sometimes

Could you share the output of ?show tech-support? from your network? They can be obtained from the UI at ?Support > AP Tech Support Dump > All Aps > Run > Save"
Occasional Contributor I
Posts: 5
Registered: ‎01-06-2014

Re: RADIUS works... Sometimes

[ Edited ]

Sorry, I did this one yesterday and meant to attach it to the first post.  Thanks!

 

Edit:

 

Solved... Turned out to be the VLAN the VC was set to (System\Advanced).  It defaulted to 10 out of the box - I changed it to 1 and it's now solid.

 

Cheers!

Frequent Contributor II
Posts: 110
Registered: ‎01-25-2013

Re: RADIUS works... Sometimes

MooNBeaR1,

 

Just as a security precaution, whenever you post logs from anything internal from a company, always go through and scrub it of all keys first.

Contributor I
Posts: 22
Registered: ‎04-02-2013

Re: RADIUS works... Sometimes

What does VC mean in VLAN?  I'm having somewhat of the same issue.  All the machines are authenticating .1x just fine, but the clients use eap-tls are not making it past the RADIUS server.  I will see the requests come thru on wireshark, but not in the event logs of the NPS server.

Search Airheads
Showing results for 
Search instead for 
Did you mean: