Remote Networking

Reply
New Contributor
Posts: 4
Registered: ‎08-31-2011

OSX Via Client stuck at "Detecting Network Type"

I'm not sure if this issue is on the controller, firewall, or client unfortunately. This is my first shot at setting up via.

The client appears to reach the controller (sorta), but hangs at "Detecting Network Type", state "VIA is: Not Connected"

On the controller I see the following logs:


Aug 31 10:41:14 :124004: |authmgr| VIA Authentication Profile is 'default'
Aug 31 10:41:14 :124004: |authmgr| aal_authenticate user:semaphore vpnflags:0
Aug 31 10:41:14 :124004: |authmgr| unknown user=209.221.173.66, method=VIA-WEB
Aug 31 10:41:14 :124004: |authmgr| aal_authenticate server_group:default
Aug 31 10:41:14 :124004: |authmgr| Select server for method=VIA-WEB, user=semaphore, essid=<>, server-group=via-server-group, last_srv <>
Aug 31 10:41:14 :124004: |authmgr| server=Internal, ena=1, ins=1 (1)
Aug 31 10:41:14 :124038: |authmgr| Selected server Internal for method=VIA-WEB; user=semaphore, essid=<>, domain=<>, server-group=via-server-group
Aug 31 10:41:14 :124004: |authmgr| Rx message 21/22, length 2995 from 10.10.16.30:8344
Aug 31 10:41:14 :124003: |authmgr| Authentication result=Authentication Successful(0), method=VIA-WEB, server=Internal, user=209.221.173.66
Aug 31 10:41:14 :124004: |authmgr| Auth server 'Internal' response=0
Aug 31 10:41:14 :124004: |authmgr| RX (sock) message of type 75, len 72



The config is lifted almost exactly from the VIA config document, and I do have an IKE PSK configured. Anybody have any suggestions? Are there client-side logs I can look at somewhere?
Guru Elite
Posts: 21,561
Registered: ‎03-29-2007

Re: OSX Via Client stuck at "Detecting Network Type"

Do you already have this working for the Windows Versions of Via? The current MAC OSX version of Via requires more ports to be open. From the Via for MAC user guide:

The following ports must be enabled before configuring the VIA controller.

TCP 443—During the initializing phase, VIA uses HTTPS connections to perform trusted network and captive portal checks against the controller. It is mandatory that you enable port 443 on your network to allow VIA to perform these checks.
UDP 4500—Required for IPSec transport
UDP— 500, 1701, and 4500
TCP—1723
IP protocol— 50

I would suggest that you get it working with the Windows version of Via first, so that your issue is just firewall ports.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 4
Registered: ‎08-31-2011

Re: OSX Via Client stuck at "Detecting Network Type"

Windows works fine. I hadn't seen the additional port requirements for the OSX client. Do you have that document handy?

Thanks,
D
Guru Elite
Posts: 21,561
Registered: ‎03-29-2007

Re: OSX Via Client stuck at "Detecting Network Type"

Here.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 4
Registered: ‎08-31-2011

Re: OSX Via Client stuck at "Detecting Network Type"


Do you already have this working for the Windows Versions of Via? The current MAC OSX version of Via requires more ports to be open. From the Via for MAC user guide:

The following ports must be enabled before configuring the VIA controller.

TCP 443—During the initializing phase, VIA uses HTTPS connections to perform trusted network and captive portal checks against the controller. It is mandatory that you enable port 443 on your network to allow VIA to perform these checks.
UDP 4500—Required for IPSec transport
UDP— 500, 1701, and 4500
TCP—1723
IP protocol— 50

I would suggest that you get it working with the Windows version of Via first, so that your issue is just firewall ports.




Opened the above ports as per the document. Confirmed it works on windows.

Still the same behavior. Hangs at "Detecting Network Type"

Tracing the packet flow on the intermediate firewall shows that the client and controller are talking to each other over port 443, but no other port/protocol is ever attempted. I still can't find any client side logging, so I'm a little uncertain how to continue troubleshooting this.
Guru Elite
Posts: 21,561
Registered: ‎03-29-2007

Re: OSX Via Client stuck at "Detecting Network Type"

The Mac OSX version on the website does not support MAC OSX lion, yet. If you are not using lion, please open a support case, and they will ask you to generate logs and collect them from you.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 4
Registered: ‎08-31-2011

Re: OSX Via Client stuck at "Detecting Network Type"




Well, that would be the problem then.

Thanks, I'll wait for a Lion compatible release.

Guru Elite
Posts: 21,561
Registered: ‎03-29-2007

Re: OSX Via Client stuck at "Detecting Network Type"

The MAC OSX Via client compatible with Lion has been posted to the support site (support.arubanetworks.com) under Download Software > Via> MAC OSX


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: