09-09-2014 04:41 AM
Dear all experts, I just tested SSO between Aruba Controller 3200XM (6.4.1) and PA500 (6.0.3). And i found some thing so strange. I used my notebook to connect wireless to 3200XM with dot1X, it's successful. And when i show user on 3200XM, it's correct. I tried to "show user ip-user-mapping all" on PA500 , it's correct too. But when i disconnected on my notebook and login dot1X again with another user, it's successful. I show user on 3200XM, it's correct with the new user. But on PA500, it still be the old user. So first time i think it come from PA500 not updated it's database. But when i use debug command on PA500 , i found that don't have any update from Controller. And when i used "aaa user delete name xxx" on 3200XM , it still not work too. But i use "aaa user dele all" on 3200XM , it's worked. After "aaa user delete all" on 3200XM, and i try to connect my notebook again with the new user. 3200XM sent update out to PA500. And on PA500 with "show user ip-user-mapping all" , it gave us for correct result too.
This problem is not happened when i tested between PA500 and Clearpass. Could you please advice me too. Thanks a lot.