Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Amigopod...Last ditch attempt!

This thread has been viewed 2 times

  • 1.  Amigopod...Last ditch attempt!

    MVP EXPERT
    Posted Nov 23, 2015 07:32 AM

    Hi All, we have a customer running Aruba ClearPass Guest OS release 3.9 who appears to be having an issue with their self registration guest portal. Unfortuantly as you know the Amigopod is end of sale and end of life so we are attempting to support them on best endvaours. I'm still however hopefull that we maybe able to resolve the issue and provide a resolution of some kind.

     

    In short the end user is able to create a guest visitor account but this is unable to login with the same created account. There hasn't been any changes in the enviroment and this appears to have suddently started occuring. We've restarted the services and the Amigopod but no joy.


    The actual error which the client sees is "{nwa_radius_query}: Missing arguments to method \'GetCallingStationTime\''," and we see a similiar message in the logs:

     

    Client: xxx.xxx.xxx.xxx:52932
    Server: xxx.xxx.xxx.xxx:52932
    Script: /customer_login.php
    Function: trigger_error
    Details: (
      'level' => 'E_USER_WARNING',
      'message' => '{nwa_radius_query}: Missing arguments to method \'GetCallingStationTime\'',
      'file' => '/var/www/html/_include/NwaCore/function.nwa_radius_query.php',
      'line' => 24,
    )

    Any suggestions or ideas would be greatly appreciated..


    Thanks, Craig.



  • 2.  RE: Amigopod...Last ditch attempt!

    Posted Nov 25, 2015 07:12 AM

    Hello!

     

    Never seen that errormessage myself, but... You're saying that nothing has changed on the Amigopod. It stands to reason that something has changed "somewhere" else. It might not be big, but something has definately changed. I'm thinking "someone" has changed "something" to get "something else" to work that has affected this - happened to me several times ;)

     

    So this is the Radius authentication that fails due to something in relation to GetCallingStationTime(). One requirement to this function is the callingstationid (mac-address). Some WLC's doesn't default send this according to IEEE-802 standard. Verify that your WLC sends CallingStationID as system mac-address and not including SSID or AP-address or something like that (see picture)

     

    Check the clock on Amigopod and the WLC. Should not be a big discrepancy between these.

     

    12.11.jpg

     



  • 3.  RE: Amigopod...Last ditch attempt!

    MVP EXPERT
    Posted Nov 25, 2015 03:52 PM

    Thanks John, its certainly a start! It's an Aruba WLC and...nothing has changed :) I'll certainly check the NTP soon! 



  • 4.  RE: Amigopod...Last ditch attempt!

    Posted Nov 26, 2015 03:02 AM

    I would also try doing a packet capture or RADIUS Debug to get more information. Packet capture can be done from Administrator > Network Setup>Network Diagnostics > Packet Capture > Select protocol as RADIUS (1812,1813) 

     

    Radius Debug can be done from RADIUS > Server Control > Debug RADIUS Server

     

    Note: Ensure that you stop the DEBUG after gathering data and confirm that the RADIUS service is running.