ArubaOS and Controllers

Reply
Occasional Contributor I
Posts: 5
Registered: ‎03-30-2011

Certificate problems with WPA2-PSK

I'm running 5.0.3.3.
If I configure a SSID with WPA2 Enterprise.
AAA inital role: logon
AAA 802.1x ... default role: authenicated.

Everything works great.

If I configure an SSID with WPA2 PSK.
AAA inital role: logon
AAA 802.1x ... default role: authenicated.

I get connected, I can ping things on my network and internet but certs get messed up. When I browse to google or any internet site I get sent to:
https://securelogin.arubanetworks.com/auth/cp_disabled.html

It appears that a securelogin.aurbanetworks.com cert is installed on my PC (Win7) and I'm hosed, I lose all AD authentication, Outlook can't connect to exchange.

If I reconnect to the SSID that uses WPA2 Enterprise. Then everything is back to normal.

If I configure an SSID with WPA2 PSK.
AAA inital role: authenicated
AAA 802.1x ... default role: authenicated.

Then I don't get the errors.
What is going on?
Is it ok to leave the roles Authenicated/Authenticated?

BTW the logon and authenticated roles are the defaults that come with the OS.

Thanks
Mike
Guru Elite
Posts: 21,505
Registered: ‎03-29-2007

Re: Certificate problems with WPA2-PSK

Change the initial role to authenticated. The logon role will force the user to authenticate via captive portal.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 1,404
Registered: ‎11-07-2008

Re: Certificate problems with WPA2-PSK

To elaborate on cjoseph's answer, the reason you change the initial role on the PSK SSID is because technically knowing the PSK *IS* your authentication, as a result, the initial role is post-PSK-auth, and will be the role the users get.
Jerrod Howard
Sr. Techical Marketing Engineer
Contributor I
Posts: 45
Registered: ‎09-11-2010

Re: Certificate problems with WPA2-PSK

Hi All,
I have the same problem but my SSID profile use MAC+Captiveportal.
Sometime, the client passed authentication and get authenticated role but the controller alway redirect client to "Page web authentication disable" which shown below. If i disconnecting and reconnecting again the problem gone.



It's happen unpredicable and I don't know how to track this problem.
Any idea?
Search Airheads
Showing results for 
Search instead for 
Did you mean: