ArubaOS and Controllers

Reply
Occasional Contributor II
Posts: 100
Registered: ‎11-07-2008

multiple IAS servers

I've run into a problem that i'm not sure if it's a client problem or a server problem. I've had to add a new radius server for authentication due to our current one being unstable. Our primary one is called radius.xxxxx.edu and the new one is called radius3.xxxxx.edu. Some clients are able to authenticate just fine, but others get this error:

Source: schannel
Event ID: 36882
Error:

The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection has failed. The attached data contains the server certificate.

Has anyone successfully deployed multiple windows 2003 radius servers with different names? The common name on each server certificate correspond to the name of each server.
Guru Elite
Posts: 20,995
Registered: ‎03-29-2007

Cert Authority


I've run into a problem that i'm not sure if it's a client problem or a server problem. I've had to add a new radius server for authentication due to our current one being unstable. Our primary one is called radius.xxxxx.edu and the new one is called radius3.xxxxx.edu. Some clients are able to authenticate just fine, but others get this error:

Source: schannel
Event ID: 36882
Error:

The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection has failed. The attached data contains the server certificate.

Has anyone successfully deployed multiple windows 2003 radius servers with different names? The common name on each server certificate correspond to the name of each server.




Pardon me if this is an obvious question, but what is the certificate authority of both certificates issued? Are they the same? Do your clients trust the second one? According to this here: http://support.microsoft.com/kb/2007728 you might have a self-signed certificate on that Windows 2003 box and it is assigned to that remote access policy. Check your remote access policy and ensure it has the valid cert assigned.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 100
Registered: ‎11-07-2008

Re: multiple IAS servers

Thanks Colin, I had a "duh" moment after I sent it. I realized the chain might not be correct. I uploaded both the root cert and intermediate cert and it's working fine now. thanks for the response!
Search Airheads
Showing results for 
Search instead for 
Did you mean: