Security

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Debugging VIA and IKEv2 + Certs

  • 1.  Debugging VIA and IKEv2 + Certs

    Posted Feb 18, 2016 08:09 AM

    Hi,

    I've been looking at configuring VIA + mobility controller as a possible replacement for our Juniper VPN service.

    ArubaOS 6.4.3.6

    OS X VIA client (was 2.x), latest 3.x one downloaded today

    Local CA with client cert vpn.york.ac.uk generated

    l2tp/ipsec with IKEv2 and cert authentication

    The annoying thing is that I had this working with the OS X 2.x client but not on the Android client... so I made a few changes and now none of it works :-((

    The version 3 client says that the remote server is not responding. I'm getting somewhere along the route because my OCSP server has seen a validation query coming in and it's sending a valid response back.

    I'm not seeing a user auth on ClearPass, so I guess it's something wrong with the IPsec config. Downloading a new profile from the mobility controller works just fine though.

    I've attached the logs from the OS X VIA client.

    How might I get some logs at the controller end to see what's going on?

    Rgds

    Alex

    Attached are the logs



  • 2.  RE: Debugging VIA and IKEv2 + Certs

    EMPLOYEE
    Posted Feb 18, 2016 09:08 AM

    I would look at your audit trail using "show audit-trail" on the controller to see if you can revert your changes.



  • 3.  RE: Debugging VIA and IKEv2 + Certs

    Posted Feb 19, 2016 09:17 AM

    Well, getting somewhere. Now I get a message saying "Incorrect certificate, please provide correct certificate"