Security

last person joined: 15 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Radius server does not apply default authenticated user name and password

This thread has been viewed 0 times

  • 1.  Radius server does not apply default authenticated user name and password

    Posted Dec 08, 2017 01:16 AM

    Hi all!

    I have next issue.

    Aruba OS 6.3.1.8, controleer 651.

    We have configured Radius authentication and users can authenticate with their domain accounts.

    On IOS and Windows 10 users can authenticate with both of domain name and without (I mean, for example Vasya.Pupkin and Vasya.Pupkin@domain.kz).

     

    But on Windows 10 when we click on Use my Windows user account button we can not authenticate. How to fix that?

     

    Best regards, Asset

     

     



  • 2.  RE: Radius server does not apply default authenticated user name and password

    EMPLOYEE
    Posted Dec 08, 2017 02:11 AM

    Are you using termination?

     



  • 3.  RE: Radius server does not apply default authenticated user name and password

    Posted Dec 11, 2017 11:06 PM

    Hi Colin,

    no, I don't use termination.

    Also, one more question. Why we can not authenticate anyway with Windows 7 device on Mac, but on Windows 10 we can authenticate with one way explained above.

     

    Best regards, Asset



  • 4.  RE: Radius server does not apply default authenticated user name and password

    EMPLOYEE
    Posted Dec 11, 2017 11:55 PM

    You should start by looking at your radius server  logs to see what the failure message is.



  • 5.  RE: Radius server does not apply default authenticated user name and password

    Posted Dec 12, 2017 01:23 AM

    Colin,

    I have seen in logs nex messages when I trying authenticate with Domain User account:

     

    AuthenticationServer DC1.[DomainName].kz
    AuthenticationType PEAP
    EAPType -
    AccountSessionIdentifier -
    ReasonCode 265
    Reason The certificate chain was issued by an authority that is not trusted.
    LoggingResult Accounting information was written to the local log file.

     

    Does it give you any information?

     

    Asset



  • 6.  RE: Radius server does not apply default authenticated user name and password

    EMPLOYEE
    Posted Dec 12, 2017 05:56 AM

    It would seem that your Windows10 client is misconfigured and does not have the Certificate Authority that distributed your radius server certificate in its trusted store.  Please do a google search for that error message for a possible solution to your problem.