Hi Collin
Reverted the Timers back to their original settings
Got the following output from the trace-buf command
Nov 27 11:05:38 station-up * ec:1f:72:eb:ea:d3 6c:f3:7f:db:8f:52 - - wpa2 psk aes
Nov 27 11:05:38 wpa2-key1 <- ec:1f:72:eb:ea:d3 6c:f3:7f:db:8f:52 - 117
Nov 27 11:05:39 wpa2-key2 -> ec:1f:72:eb:ea:d3 6c:f3:7f:db:8f:52 - 117
Nov 27 11:05:39 wpa2-key3 <- ec:1f:72:eb:ea:d3 6c:f3:7f:db:8f:52 - 151
Nov 27 11:05:39 wpa2-key4 -> ec:1f:72:eb:ea:d3 6c:f3:7f:db:8f:52 - 95
Nov 27 11:05:59 station-down * ec:1f:72:eb:ea:d3 6c:f3:7f:db:8f:52 - -
Nov 27 11:05:59 station-up * ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d1 - - wpa2 psk aes
Nov 27 11:05:59 wpa2-key1 <- ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d1 - 117
Nov 27 11:05:59 wpa2-key2 -> ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d1 - 117
Nov 27 11:05:59 wpa2-key3 <- ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d1 - 151
Nov 27 11:05:59 wpa2-key4 -> ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d1 - 95
Nov 27 11:16:23 station-down * ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d1 - -
Nov 27 11:16:25 station-up * ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4 - - wpa2 aes
Nov 27 11:16:25 station-term-start * ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4 2 -
Nov 27 11:16:26 client-finish -> ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4/TCM-802.1X - -
Nov 27 11:16:26 server-finish <- ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4/TCM-802.1X - 61
Nov 27 11:16:26 server-finish-ack -> ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4/TCM-802.1X - -
Nov 27 11:16:26 inner-eap-id-req <- ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4/TCM-802.1X - 35
Nov 27 11:16:26 inner-eap-id-resp -> ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4/TCM-802.1X - - hendrik
Nov 27 11:16:26 eap-mschap-chlg <- ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4/TCM-802.1X - 67
Nov 27 11:16:26 eap-mschap-response -> ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4/TCM-802.1X 8 49
Nov 27 11:16:26 mschap-request -> ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4/TCM-802.1X 8 - hendrik
Nov 27 11:16:26 mschap-response <- ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4/2008-Radius - - hendrik
Nov 27 11:16:26 eap-mschap-success <- ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4/TCM-802.1X - 83
Nov 27 11:16:26 eap-mschap-success-ack-> ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4/TCM-802.1X - -
Nov 27 11:16:26 eap-tlv-rslt-success <- ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4/TCM-802.1X - 43
Nov 27 11:16:26 eap-tlv-rslt-success -> ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4 - 2
Nov 27 11:16:26 eap-success <- ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4/TCM-802.1X - 4
Nov 27 11:16:26 wpa2-key1 <- ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4 - 117
Nov 27 11:16:26 wpa2-key2 -> ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4 - 240 mic failure
Nov 27 11:16:27 wpa2-key1 <- ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4 - 117
Nov 27 11:16:27 wpa2-key2 -> ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4 - 240 mic failure
Nov 27 11:16:28 wpa2-key1 <- ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4 - 117
Nov 27 11:16:28 wpa2-key2 -> ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4 - 240 mic failure
Nov 27 11:16:29 wpa2-key1 <- ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4 - 117
Nov 27 11:16:29 wpa2-key2 -> ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4 - 240 mic failure
Nov 27 11:16:30 wpa2-key1 <- ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4 - 117
Nov 27 11:16:30 station-down * ec:1f:72:eb:ea:d3 9c:1c:12:0f:7d:d4 - -
I thought the 2003 server was causing a problem and got a 2008 server. Still having the same problem -- Might it be my Aruba config thats a problem and not the Radius server?
On the Radius server I do see an error
Reason Code: 23
Reason: An error occurred during the Network Policy Server use of the Extensible Authentication Protocol (EAP). Check EAP log files for EAP errors.
I have deleted the Certs, recreated them, deleted the policies and recreated them - but still getting this error. I am not sure where these EAP logs are - BUT If I am looking at the right logs (in C:\Windows\System32\LogFiles\INI1511)
I see the following lines
"RADNET","IAS",11/27/2015,11:13:27,1,"hendrik","NETWORKS\hendrik","000B866E1E74","EC1F72EBEAD3",,,,"10.254.253.21",0,0,"10.254.253.21","Aruba-Controller",,,19,,,1,4,"Secure Wireless Connections 2",0,"311 1 10.254.253.22 11/26/2015 13:30:42 203",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"Secure Wireless Connections 2",1,,,,
"RADNET","IAS",11/27/2015,11:13:27,2,,"NETWORKS\hendrik",,,,,,,,0,"10.254.253.21","Aruba-Controller",,,,,1,2,4,"Secure Wireless Connections 2",0,"311 1 10.254.253.22 11/26/2015 13:30:42 203",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"0x084E4554574F524B53",,,"Secure Wireless Connections 2",1,,,,
"RADNET","IAS",11/27/2015,11:13:37,1,"hendrik","NETWORKS\hendrik","000B866E1E74","EC1F72EBEAD3",,,,"10.254.253.21",0,0,"10.254.253.21","Aruba-Controller",,,19,,,1,4,"Secure Wireless Connections 2",0,"311 1 10.254.253.22 11/26/2015 13:30:42 204",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"Secure Wireless Connections 2",1,,,,
"RADNET","IAS",11/27/2015,11:13:37,2,,"NETWORKS\hendrik",,,,,,,,0,"10.254.253.21","Aruba-Controller",,,,,1,2,4,"Secure Wireless Connections 2",0,"311 1 10.254.253.22 11/26/2015 13:30:42 204",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"0x084E4554574F524B53",,,"Secure Wireless Connections 2",1,,,,
Also followed steps you recommended another user (he was using instants though) in a different post, but still no luck.... :(
http://community.arubanetworks.com/t5/Aruba-Instant-Cloud-Wi-Fi/PEAP-authentication-failure-Reason-code-23/td-p/71530
Some extra details
Enabnling Termination on the controller makes no difference (I believe for 802.1x it should be disbaled) so currently disabled.
Running a AAA test for the user against the server does succeed.
Any other advice?