Controllerless Networks

Reply
New Contributor

802.1x and request to external Radius

I only see one attempt (if for example the certificate is expired) to auth to the Radius server ... does Aruba cache the failed attempt?

Even if I restart the computer ... I don't see a new Radius request.

Is it by design?

Re: 802.1x and request to external Radius

The controller has a caches the session for 5 minutes so if you want to see the radius request you may need to run the following command : aaa user delete mac "device mac address"
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Aruba Employee

Re: 802.1x and request to external Radius

Hi Michael,

 

If the cert is expired on the client side, it will not respond with its identity itself.

 

Please check the following output on controller for more information on radius authenticaiton:

 

config# logging level debugging user-debug <mac-address of user>

   # show auth-tracebuf mac <mac-address of client >

 

in case you are using IAP:

 

#show ap debug auth-tracebuf <mac-address of client>

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: