Security

Reply
New Contributor
Posts: 2
Registered: ‎09-21-2011

2nd NPS server gives Message-Authenticator attribute not valid

Running 6.1.2 on a 3400, the first NPS server in the domain authenticates correctly, but the backup NPS has an issue with the request (Event ID 18). Could this be a certificate error? Our switches and applications authenticate OK on the 2nd NPS. I didn't configure our 3400 for the first NPS, so I'm not sure what I may be missing.

Guru Elite
Posts: 21,287
Registered: ‎03-29-2007

Re: 2nd NPS server gives Message-Authenticator attribute not valid

#1 reason - Makes sure the preshared key for Radius Clients is correct on the second NPS for that controller.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Aruba
Posts: 1,644
Registered: ‎04-13-2009

Re: 2nd NPS server gives Message-Authenticator attribute not valid

Rick,

 

Confirm the 2nd NPS server has the proper radius client secret defined. 

 

Chris

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Contributor I
Posts: 24
Registered: ‎06-24-2009

Re: 2nd NPS server gives Message-Authenticator attribute not valid

If you've verified the preshared key and it's still giving that error,

1.) Confirm that you have the controller listed as a RADIUS client on the second NPS server.

2.) Make sure the RADIUS policy is enabled for the EAP type you're using (e.g. PEAP).

3.) If you're using a server side certificate, make sure the correct one is selected for that policy.

 

Hope this helps!

 

- Jay

New Contributor
Posts: 2
Registered: ‎09-21-2011

Re: 2nd NPS server gives Message-Authenticator attribute not valid

How embarrassing! I swore I copied the shared key correctly, BUT my 6th finger got in the way. Thanks, all.

Search Airheads
Showing results for 
Search instead for 
Did you mean: