Security

Reply
New Contributor

2nd NPS server gives Message-Authenticator attribute not valid

Running 6.1.2 on a 3400, the first NPS server in the domain authenticates correctly, but the backup NPS has an issue with the request (Event ID 18). Could this be a certificate error? Our switches and applications authenticate OK on the 2nd NPS. I didn't configure our 3400 for the first NPS, so I'm not sure what I may be missing.

Guru Elite

Re: 2nd NPS server gives Message-Authenticator attribute not valid

#1 reason - Makes sure the preshared key for Radius Clients is correct on the second NPS for that controller.

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Aruba

Re: 2nd NPS server gives Message-Authenticator attribute not valid

Rick,

 

Confirm the 2nd NPS server has the proper radius client secret defined. 

 

Chris

------------------------------------------------
Systems Engineer, Northeast USA
AMFX | ACCX | ACDX | ACMX

Contributor I

Re: 2nd NPS server gives Message-Authenticator attribute not valid

If you've verified the preshared key and it's still giving that error,

1.) Confirm that you have the controller listed as a RADIUS client on the second NPS server.

2.) Make sure the RADIUS policy is enabled for the EAP type you're using (e.g. PEAP).

3.) If you're using a server side certificate, make sure the correct one is selected for that policy.

 

Hope this helps!

 

- Jay

New Contributor

Re: 2nd NPS server gives Message-Authenticator attribute not valid

How embarrassing! I swore I copied the shared key correctly, BUT my 6th finger got in the way. Thanks, all.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: