Security

Reply
New Contributor
Posts: 2
Registered: ‎09-16-2012

Need help with 2008 R2 server and 3200 controller config

I just migrated a client from SBS 2003 to SBS 2011.  I have NPS installed on the new box.  I was also able to export the IAS config from 2003 and using iamigreader.exe, imported the config into the new 2008 box successfully.  We have 2 networks configured on the 3200, Guest and Staff.  Currently both networks are not allowing users to connect.  The guest network uses a captive portal config, and when a user tries to connect, they get the captive portal, try to login and get "invalid reply digest from auth server".

 

Futhermore, when a staff member tries to login and authenticate, they get access is denied.

 

1) Is there and account and password that are used to communicate between the controller and the server?, if so, how do I display that account either in the controller or on the server ( I'm sure ADUC, but what is the account name?)

 

2) How do I troubleshoot these issues?, I have gone in on the controller and changed the IP for the radius server to point to the new IP. But am unclear where to go from here..

 

Any help would be greatly appreciated

  

New Contributor
Posts: 2
Registered: ‎09-16-2012

Re: Need help with 2008 R2 server and 3200 controller config

To further information on this, in my event logs I am getting event ID 18

 

An Access-Request message was received from RADIUS client 192.168.25.10 with a Message-Authenticator attribute that is not valid.

 

Guru Elite
Posts: 20,415
Registered: ‎03-29-2007

Re: Need help with 2008 R2 server and 3200 controller config

Make sure the aruba radius client definition on the nps server does not require the message attribute.  Aruba does not support this.

 

Also, make sure and reenter the radius secret for the Aruba controller on the nps side.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 2,908
Registered: ‎10-25-2011

Re: Need help with 2008 R2 server and 3200 controller config

[ Edited ]

Like Collin said check the passphrase on the NPS client and on the WC is the same...


That happneed me the other day i was installing thison a client.

On Alcatel switches the characters like exclamation are not possible to put them as password and if you do they wont recognize them and put nothing in there....

The thing is that i was doing on the NPS for example something like this as password aruba123! and on the alcatel switch aruba123! but as the alcatel could not understand the ! then it does this aruba123  and as the pass was not the same well i get that message you are getting...

 

I didnt know what was the message about but you can always do a fast search with google with the error and also putting airheads and you will find answers in this forum...

When i encountered that troubleh i did that and i found this topic

 

http://community.arubanetworks.com/t5/Authentication-and-Access/2nd-NPS-server-gives-Message-Authenticator-attribute-not-valid/td-p/31606

 

Hope this solve your issue

 

 

 

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Search Airheads
Showing results for 
Search instead for 
Did you mean: