Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

LDAP Server only work at second contact for PAP authentication

This thread has been viewed 0 times

  • 1.  LDAP Server only work at second contact for PAP authentication

    Posted Oct 20, 2014 11:57 AM

     

    I am using CPPM radius to authenticate user log on to all network devices.  All work very well but only one annoying issue with PAP Authentication Methods. 

     

    PAP is the only radius authentication method for Cisco, Nortel, and Airwave (let me know if I am wrong with Airwave, I don't want to use TACACS if I don't have too). 

     

    The problem is you must log in twice.  The first time, it always fails with message “Can’t contact LDAP server”, but if I log in again, then it works.  It works like if user has entered a wrong password at the first time, but reenter correct password at the second time.

     

    LDAP servers are Windows 2012, CPPMs are 6.3.5.

     

    Capture.JPG

    Regards,

     



  • 2.  RE: LDAP Server only work at second contact for PAP authentication
    Best Answer

    EMPLOYEE
    Posted Oct 20, 2014 11:53 PM
    What version of CPPM are you using? There was an issue in 6.4 that was fixed in 6.4.1


  • 3.  RE: LDAP Server only work at second contact for PAP authentication

    Posted Oct 21, 2014 09:26 AM

    CPPM6.3.5, but I just upgraded to 6.4.1.  Let see if 6.4.1 fix the problem



  • 4.  RE: LDAP Server only work at second contact for PAP authentication

    Posted Oct 21, 2014 09:44 AM

    I’ve been blaming the System for months that their LDAP service was “sleeping”.  It feels like you have to wake it up with the first contact, then it works at the second contact.  But after upgrade CPPM to 6.4.1 last night, problem resolved.

     

    Regards!