01-20-2015 11:03 AM - edited 01-20-2015 11:36 AM
Hey guys >
We've just implemented an iAP environment of 24 APs. We're working on standing up an SSID that back-ends against our internal LDAP infrastructure (Microsoft AD on Server 2012). Does anyone have any preferences on OpenRadius vs NPS (Microsoft's Radius flavor)?
We're currently trying NPS on the same box running LDAP and are seeing authentication take +30 seconds (or fail outright) on our client laptops trying to attach to the SSID in question. Server stats (CPU / memory / network) appear clean (ie no spikes or weird crap). The SSID usually eventually authenticates (ie certs are fine), no errors show in the logs.
01-20-2015 01:34 PM
Aruba (whether controller-based or IAP) can operate with any RADIUS server. Whether it be NPS, Free RADIUS, or our own ClearPass, you should not be seeing authentiation times like this. Have you confirmed that communication from the IAP cluster to the NPS server is adequate? Have you done any packet captures to see if the traffic is flowing as expected?
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX