Controller Based WLANs

How to troubleshoot the error "IKE_CUSTOM_useCert: can't find Server-Cert" while connecting VPN client ?

by on ‎07-14-2014 11:51 PM

Scenario: Connecting VIA client using EAP-tls with external server.

Note:   The controller authenticates the user certificate using EAP-TLS over IKEv2. The controller just acts as an EAP pass-through to an external EAP-compliant server. EAP termination on the controller is not supported for VIA clients.

This error is due to server cert miss from the controller.

rtaImage.png

Need to check if the server cert has been uploaded and mapped under VPN services.

rtaImage.jpg

and map the server & CA cert under VPN services.

Navigate to Configuration >> Under ADVANCED SERVICES >> choose VPN services and map the certificates.

rtaImage.png



rtaImage.png


Finally we need to map them in Certificate Groups.

rtaImage.png

CLI commands:

crypto-local isakmp certificate-group server-certificate VIA ca-certificate test

 

Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.