Controllerless Networks

Reply
Contributor II

Radius IAP

Hi 

 

I have 2 IAPs running 6.2.1.0-3.4.0.1_39461 and im trying to get user/pass to a radius server to work. When i have termination enabled i get a certificate warning but when after clicking accept to all warnings i can connect.

When setting termination as disabled no certificate warning occurs but i cant connect. 

independent if termination is enabled or disabled the configuration on the radius server is the same so it shouldnt matter if i disabled.

 

thanks

 

Carlos

Re: Radius IAP

Can you delete the SSID profile on the client machine when you disable termination and try again?

Seth R. Fiermonti
Consulting Systems Engineer - ACCX, ACDX, ACMX
Email: seth@hpe.com
-----
If you found my post helpful, please give kudos
Contributor II

Re: Radius IAP

Yes, tried that

Moderator

Re: Radius IAP

Enable Radius Proxy and put an entry in your Radius server for the Client IP of the IAP VC.

Contributor II

Re: Radius IAP

done that too. The wierd thing is that when enabling termination it works but diabling it and it stopps working

So all the config in the radius server is working, must be some IAP configuration that i miss

Re: Radius IAP

I don't think you are missing anything in the IAP.  With termination disabled, the EAP session is terminated on the RADIUS server itself. The AP just passes this through really.  What do the logs say in your RADIUS server?

Seth R. Fiermonti
Consulting Systems Engineer - ACCX, ACDX, ACMX
Email: seth@hpe.com
-----
If you found my post helpful, please give kudos
New Contributor

Re: Radius IAP

What radius server are you using? What EAP type are using?
Contributor II

Re: Radius IAP

im only using MSCHAP, for user/pass authentication

Microsoft NPS server, the logs only show succesful connections not the ones that failed...

New Contributor

Re: Radius IAP

I would verify that your NPS server is set for PEAP / MSCHAPv2. The other thing to try is on your client turn off the server cert validation and see if it works. There could be a cert issue on the NPS server. I have seen windows clients not auth if they are missing the cert CA on the client.
Contributor II

Re: Radius IAP

thanks for your answer, will try that

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: