Security

Reply

Aruba Instant + NPS server authentication issues (Event ID 18)

Hello everyone !

 

I'm currently stuck on some weird issues. NPS server's event viewer sends a lot of those error messages (Event ID 18). 

 

I tried multiple times to re-enter the shared secret on both the NPS Client and Instant AP RADIUS Server info. When I re-enter the secret, the authentications work for some time and then they stop working and results in this error again.

 

18.jpg

 

When I look into Wireshark, I see Acces-Request from IAP to NPS and Access-Challenge from NPS to IAP. I don't see any Access-Accept or Access-Reject. I guess the IAP doesn't receive it.

 

I also tried re-creating radius server and upgrading firmware to latest General Avaibality (6.4.2.6 4.1.1.12)

 

Thanks !

ACMP, ACCP, BCNE
Guru Elite

Re: Aruba Instant + NPS server authentication issues (Event ID 18)

Double check the radius secret.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Re: Aruba Instant + NPS server authentication issues (Event ID 18)

Can you try using a very simple shared key?
Something like "aruba123"

Sent from Outlook for iPhone
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA

Re: Aruba Instant + NPS server authentication issues (Event ID 18)

Thanks for the quick answer guys.

 

I must have re-entered it 4-5 times, my key is Test123! and I even verified keyboard language on NPS server. Still, if I enter it again, it works for some time.

 

I'm also using Radius Proxy on VC ip adress.

 

Thanks !

ACMP, ACCP, BCNE

Re: Aruba Instant + NPS server authentication issues (Event ID 18)

For testing purposes can you try just test123 and see if it works
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA

Re: Aruba Instant + NPS server authentication issues (Event ID 18)

Alright, i'll try this tomorrow morning and update you !

ACMP, ACCP, BCNE
Guru Elite

Re: Aruba Instant + NPS server authentication issues (Event ID 18)

Actually on NPS there is an option to verify the message authenticator attribute. Uncheck that.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Re: Aruba Instant + NPS server authentication issues (Event ID 18)

Ok thx ill get back to you guys tomorrow morning !!

ACMP, ACCP, BCNE

Re: Aruba Instant + NPS server authentication issues (Event ID 18)

ok so : 

 

  1. secret is now aruba123
  2. dynamic radius proxy is off and i manually added the IAPs in NPS server
  3. Message authenticator attribute was deactivated

Same problem persist. There is 3 sites, 1 of them is with IAP-225 and Cisco switch, everything works well and all authentications to the same NPS server are ok.

 

2 other sites are with IAP-215 and Juniper EX4200, no FW and have both the same issues.

 

I'm starting to think this is a Juniper feature/firmware issue or IAP-215 interoporability problem.

 

Thoughts ?

ACMP, ACCP, BCNE

Re: Aruba Instant + NPS server authentication issues (Event ID 18)

Can you run the following command and share the output:
IAP-2# show ap debug auth-trace-buf

-----------------
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: