Security

Reply
New Contributor
Posts: 3
Registered: ‎06-23-2016

Trying to do RADIUS auth

I want to have an SSID that does RADIUS authentication against a Server 2012 R2 RADIUS server.

 

This currently works with my Procurve setup, but I'm having issues making it work with the Aruba AP.

 

I've been following this guide, but so far, no luck.  http://www.arubanetworks.com/techdocs/InstantMobile/Advanced/Content/External%20RADIUS%20Server.htm

 

The error on the server 2012 side is

 

Reason Code:			16

Reason:				Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.

But, the credentials are being pulled from the Windows session, so they're correct.

 

Guru Elite
Posts: 8,322
Registered: ‎09-08-2010

Re: Trying to do RADIUS auth

Are you doing EAP-TLS, EAP-PEAP, EAP-TTLS? Please provide more details.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
New Contributor
Posts: 3
Registered: ‎06-23-2016

Re: Trying to do RADIUS auth

[ Edited ]

Trying to do EAP-PEAP

 

The controller is trying to do MS-CHAPv2, and while we're allowing that, it's still not working.  I didn't see a way to control this on the Aruba side.

 

 

Guru Elite
Posts: 8,322
Registered: ‎09-08-2010

Re: Trying to do RADIUS auth

Did you create a new connection request policy for the wireless users configured only for EAP-PEAP/MSCHAPv2?


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
New Contributor
Posts: 3
Registered: ‎06-23-2016

Re: Trying to do RADIUS auth

No, we're using the same connection request policy, but we did create a new network policy that has the same settings as the "working" policy.

Search Airheads
Showing results for 
Search instead for 
Did you mean: