Security

After upgrading to 6.7.0, the option to upgrade under software updates is 6.7.4 which i noticed that was recently realesed.

 

What is the recomended patch to go to 6.7.x ? or should i stay in 6.7.0 ?

 

I am running (4)-25K appliances (1 master/publisher and 3 subscribers) on a major Healthcare enviroment using (wireless auth, Onboard, GuestNet, Tacacs, Radius and so on)

 

Only thing i have noticed so far are TLS erros/rejects for some clients on access tracker.

 

Thanks,

 

AP

6.7.4.

Hi

Do you mean 1 master and 3 publishers or 1 publisher and 3 subscribers?

What Tim recommended should be the best option! Tim knows his stuff!!

Correct, 1 Master/Publisher and 3 Subscribners

 

After upgraded to 6.7 i am having a lot of issues wqith IOS devices and TLS certificate errors, any recomemdations?

 

Error Code:	215
Error Category:	Authentication failure
Error Message:	TLS session error
Alerts for this Request  RADIUS EAP-TLS: warning alert by client - close_notify TLS Handshake failed in SSL_read with error:140940E5:SSL routines:ssl3_read_bytes:ssl handshake failure eap-tls: Error in establishing TLS session

Install 6.7.4



Thank you

Victor Fabian

Pardon typos sent from Mobile

Any pre-update recomendations?

 

I know i had to re install all certificates after my last update to 6.7 also load all licenses (due to license conversion).

 

It will be done via the cluster upgrade tool, a few things i always do is disable "Standby Publisher" as well as Daily backups.

 

Any suggestions are welcome, our CPPM main use includes:

-Radius Authentication (wireless)

-Tacacs +

-EAP-TLS OCSP/ SCEP for MDM onboarding

-GuestNet splash page services

 

Thanks,

 

Andres

Upgrade to 6.7.4 has been completed suscesfully......but unfortunately i see the same TLS erros as before :(

 

I guess next is to open a support ticket and take it from there.

 

Andres

What is the error on the alert tab?


With regards,

Frank

Sent from a mobile device

Disclaimer: Dit e-mail bericht is alleen bestemd voor de geadresseerde, verstrekking aan en gebruik door anderen is niet toegestaan. Indien u niet de geadresseerde bent, wordt u vriendelijk verzocht de verzender hiervan op de hoogte te stellen en het bericht te verwijderen. In verband met de elektronische verzending kunnen aan de inhoud van dit bericht geen rechten worden ontleend.

Error Code:	215
Error Category:	Authentication failure
Error Message:	TLS session error
Alerts for this Request  RADIUS EAP-TLS: warning alert by client - close_notify TLS Handshake failed in SSL_read with error:140940E5:SSL routines:ssl3_read_bytes:ssl handshake failure eap-tls: Error in establishing TLS session

https://community.arubanetworks.com/t5/Security/TLS-authentication-issue-EAP-TLS-warning-alert-by-client-close/m-p/257721

Sent from Mail for Windows 10

Always go for 6.7.3 or 6.7.4 at this moment.

A lot of fixes were done in those patches.


With regards,

Frank

Sent from a mobile device

Disclaimer: Dit e-mail bericht is alleen bestemd voor de geadresseerde, verstrekking aan en gebruik door anderen is niet toegestaan. Indien u niet de geadresseerde bent, wordt u vriendelijk verzocht de verzender hiervan op de hoogte te stellen en het bericht te verwijderen. In verband met de elektronische verzending kunnen aan de inhoud van dit bericht geen rechten worden ontleend.