Security

Reply
Occasional Contributor II

config mobility controller and clearpass

I'm trying to connect my Aruba MC 7210 to my ClearPass 6.6 appliance but I get radius error.

 

1. In ClearPass - I Configured my MC 7210 "\Configuration\Network\Devices\"

 

2. In MC 7210 - I configured my Radius Server(ClearPass)

"\Configuration\authentication\Servers\Radius Server"

 

3. In MC 7210 - I configured my Server Group

"\Configuration\authentication\Servers\Server Group"

 

4. In MC 7210 - I configured my RFC 3576 Server(ClearPass)

"\Configuration\authentication\Servers\RFC 3576 Server"

 

5. In MC 7210 - I configured my WLAN pointing to Radius Server

 

And I receive Radius Server Authentication Error. What can I do?

 

Here we have some logs...

[Th 13 Req 5 SessId R00000005-01-5824b6c9] ERROR RadiusServer.Radius - rlm_service: Service Categorization failed

 

[Th 13 Req 5 SessId R00000005-01-5824b6c9] ERROR RadiusServer.Radius - rlm_service: Policy Server result = 65535, msg = Service classification failed

 

[RequestHandler-1-0x7f08245e2700 r=psauto-1478731079-11 h=223 r=R00000005-01-5824b6c9] ERROR Core.ServiceReqHandler - doServiceClassification: Error. Ret code=0 response list size=0

Guru Elite

Re: config mobility controller and clearpass

Please post a screenshot of your service.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: config mobility controller and clearpass

Service.PNG

Guru Elite

Re: config mobility controller and clearpass

OK. Look through the input tab in the access tracker request and make sure
those all match. Also, remove rule 3.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: config mobility controller and clearpass

Hi, All this information is correct, I removed rule 3 and is the same

 

Input.PNG

Guru Elite

Re: config mobility controller and clearpass

Your SSID rule is likely the issue. You're searching for "secure", but the
SSID is "DigiWorld.Aruba"

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: config mobility controller and clearpass

Hi, All this information is correct, I removed rule 3 and is the same.

Logs:

ERROR RadiusServer.Radius - rlm_service: Service Categorization failed

 

ERROR Core.ServiceReqHandler - doServiceClassification: Error. Ret code=0 response list size=0

 

ERROR RadiusServer.Radius - rlm_service: Policy Server result = 65535, msg = Service classification failed

Input.PNG

Occasional Contributor II

Re: config mobility controller and clearpass

Thanks a lot, I solved it and now I get this

 

ERROR RadiusServer.Radius - rlm_peap: Configured for public mode, but request username hrojas does not match public username public, rejecting

 

How can I config the Authentication without public mode?

 

 

Guru Elite

Re: config mobility controller and clearpass

If you're not using EAP-PEAP-Public, remove EAP-PEAP-Public from the
authentication methods list and add EAP-PEAP.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: config mobility controller and clearpass

Yes, but I dont't have that choise. Can't I use EAP-MSChap2?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: