Security

Reply
Occasional Contributor I

VIA Users keep getting disconnected.

Hello,

 

We are starting to receive reports that users who are connecting to VIA for VPN are continually being disconnected and reconnected. I checked the logs and a user could have up to 4 active IP address on the VIA controller. looking at clearpass the only thing I can find is Termination Cause = NAS-Request. Any Ideas?

 

Thanks,

Mike

 

Re: VIA Users keep getting disconnected.

Do you see anything in the logs? Run the below command to see if you can identify any issues. The XXXX can be MAC/Username/IP

#show log all | include XXXX

ACMP, ACSA, ACDX #985
If my post addresses your query, give kudos:)
Occasional Contributor I

Re: VIA Users keep getting disconnected.

I Rand the command against username and IP address and this is what i got.

 

show log all | include kysnyder
Jan 16 09:51:50  webui[3692]: USER: kysnyder has logged in from 10.40.145.63.
Apr  3 13:15:01  webui[3692]: USER: kysnyder has logged in from 10.40.145.63.

 

#show log all | include 10.40.145.63
Jan 16 09:51:50  webui[3692]: USER: kysnyder has logged in from 10.40.145.63.
Apr  3 13:15:01  authmgr[3921]: <199802> <3921> <ERRS> |authmgr|  ncfg_auth.c, ncfg_auth_server_group_authtype:329: Invalid authentication type 25 (ip=10.40.145.63)
Apr  3 13:15:01  webui[3692]: USER: kysnyder has logged in from 10.40.145.63.

 

Thanks,

Mike

Guru Elite

Re: VIA Users keep getting disconnected.

The best thing you can do is open a TAC case, because there is alot of personal information on your controller that might need to be analyzed to get to the bottom of this:

http://www.arubanetworks.com/support-services/support-program/contact-support

 

 

While you are doing that, you can still post here, and have someone working on your TAC case at the same time.

 

With that being said, just like any other issue that only happens once in awhile, it would be best to setup a syslog server so that the logs you are looking for do not get erased due to "rolling".  After you set that up, you can turn on VPN debugging like this:

 

config t

logging level debugging security subcat ike
logging level debugging security process aaa
logging level debugging security process authmgr
logging level debugging security process l2tp
logging level debugging security subcat vpn

 

When the issue happens, I would find out what the public ip address of the user is, and then filter the security logs on that ip address to understand what could be happening:

 

show log security all | include <public ip address>

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Occasional Contributor I

Re: VIA Users keep getting disconnected.

Thanks for the help I do have a TAC case open and I turned on the logging like you instructed.

 

- Mike

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: