Security

Reply
Contributor I
Posts: 29
Registered: ‎09-09-2013

VIA Failed to Establish Secure Session

VIA client version: 2.3.2

Controller version:6.4.3.6

Does anyone have any idea?

Thanks

Guru Elite
Posts: 19,962
Registered: ‎03-29-2007

Re: VIA Failed to Establish Secure Session

Do you see authentication failures or passes on Clearpass in the access tracker when you try to authenticate?

Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
Aruba Employee
Posts: 571
Registered: ‎04-17-2009

Re: VIA Failed to Establish Secure Session

A quick look, I noticed that your vpdn group l2tp is disabled:

 

vpdn group l2tp
  disable
  client configuration dns 168.95.1.1 
  no ppp authentication PAP

 

Thanks,

Zach Jennings
Contributor I
Posts: 29
Registered: ‎09-09-2013

Re: VIA Failed to Establish Secure Session

Dear Colin,

I didn't see any authentication failures or passes on Clearpass in the access tracker when you try to authenticate.

Clearpass configuration had been attached.

Thanks

Contributor I
Posts: 29
Registered: ‎09-09-2013

Re: VIA Failed to Establish Secure Session

Dear Zach,

I was configured follow the "VIA APP Note" version 1 page 29.

It shows "enable L2TP" uncheck.

Thanks

Guru Elite
Posts: 19,962
Registered: ‎03-29-2007

Re: VIA Failed to Establish Secure Session


Derek_Sun wrote:

Dear Colin,

I didn't see any authentication failures or passes on Clearpass in the access tracker when you try to authenticate.

Clearpass configuration had been attached.

Thanks


 

Is there a firewall between your VIA client and the controller?

 

Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
MVP
Posts: 4,010
Registered: ‎07-20-2011

Re: VIA Failed to Establish Secure Session

A couple of things you need to have in place for VIA to work properly (some of these you may have already in place)
- The controller needs a public IP address allowing port UDP/4500
- make sure that the inner IP addresses is a routable network in your infrastructure (l2tp pool)
- and Zach pointed out you need L2TP enabled
- In ClearPass you need to add the Inner IP Addresses as a radius client ( Network > Devices > )
- And your service needs to allow PAP as a authentication protocol

Sent from Outlook for iPhone
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Search Airheads
Showing results for 
Search instead for 
Did you mean: