ArubaOS and Controllers

Reply
Occasional Contributor II
Posts: 59
Registered: ‎12-19-2007

Master/Local Radius error

Hi
Hope you guy's can help me out with this one we have just upgraded our controllers
to 3.4.2 code
We configured one of the Controllers as a Local but we now find we cannot authenticate and we get a AAA Authentication timeout when we run the AAA test Server the Master is fine. we ran the auth debug commands and this is what we got on the Local controller
(NACCOWLAN) (config) #show log security all
Apr 15 16:29:58 :103062: |ike| Starting cryptoPOST
Apr 15 16:39:32 :124004: |authmgr| Rx message 14001/5221, length 193 fr
om 127.0.0.1:8235
Apr 15 16:39:32 :124004: |authmgr| Show user rows between 1 and 2
Apr 15 16:39:32 :124004: |authmgr| Rx message 14001/5221, length 187 from 127.0.0.1:8235
Apr 15 16:39:40 :124004: |authmgr| Rx message 14001/5221, length 199 from 127.0.0.1:8235
Apr 15 16:40:03 :124004: |authmgr| Rx message 14001/5221, length 250 from 127.0.0.1:8235
Apr 15 16:40:03 :124011: |authmgr| Test authenticating user ecbrcode:****** using server ecmswitch
Apr 15 16:40:23 :124004: |authmgr| Auth server 'ecmswitch response=2
Apr 15 16:40:23 :124019: |authmgr| Test server response: AAA server timeout.

We can ping the Radius servers so we are stuck at what is causing this as we thought the master pushed all the radius configs to the local ?

(NACCOWLAN) (config) #ping 172.21.166.55
Press 'q' to abort.
Sending 5, 100-byte ICMP Echos to 172.21.166.55, timeout is 2 seconds:
!!.!!
Guru Elite
Posts: 20,819
Registered: ‎03-29-2007

Radius Source Address is the Local

The master does push all radius information to the local, but the source address of the radius request is the local controller, as well. Make sure that on your radius server you have a radius client entry for the local server. If you look in your radius server logs, it might tell you that it is dropping a packet from an unauthorized client, or language that is similar.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 59
Registered: ‎12-19-2007

Radius

Thanks

Colin

The Radius client configured on the IAS server had an incorrect IP and the wrong Keys!!!
Thanks for your assistance
Search Airheads
Showing results for 
Search instead for 
Did you mean: