Controllerless Networks

Reply
New Contributor
Posts: 1
Registered: ‎04-24-2017

802.1x and request to external Radius

I only see one attempt (if for example the certificate is expired) to auth to the Radius server ... does Aruba cache the failed attempt?

Even if I restart the computer ... I don't see a new Radius request.

Is it by design?
MVP
Posts: 4,314
Registered: ‎07-20-2011

Re: 802.1x and request to external Radius

The controller has a caches the session for 5 minutes so if you want to see the radius request you may need to run the following command : aaa user delete mac "device mac address"
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Aruba Employee
Posts: 245
Registered: ‎03-26-2013

Re: 802.1x and request to external Radius

[ Edited ]

Hi Michael,

 

If the cert is expired on the client side, it will not respond with its identity itself.

 

Please check the following output on controller for more information on radius authenticaiton:

 

config# logging level debugging user-debug <mac-address of user>

   # show auth-tracebuf mac <mac-address of client >

 

in case you are using IAP:

 

#show ap debug auth-tracebuf <mac-address of client>

Search Airheads
Showing results for 
Search instead for 
Did you mean: