Wireless Access

Reply
Regular Contributor I

AAA Server Timeout Response.

Dear Experts,

 

I have installed the NPS server on a separate machine and it is a part of Domain. DC is also a Certificate Authority. I am getting AAA server timeout response on both Controllers. Please find the below detailed information.

 

Two controllers operationally fine in Master/Standy mode based on VRRP along with database synchronization and centralized licensing features. Controllers are in layer-2 domain. Controllers and servers are terminated on core switch.

 

Native VLAN in the whole network = 5

Master controller VLAN and IP = vlan-5 & 172.17.48.161

Standby controller VLAN and IP = vlan-5 & 172.17.48.162

VRRP IP of VLAN-5 = 172.17.48.160

Gaetway IP on both controllers = 172.17.48.1------->(Core switch VLAN-5 SVI)

 

NPS Server VLAN = 200

IP address of the machine on which NPS is insllated = 172.16.0.151

Radius client = 172.16.0.45  -------------------- > Gateway SVI of vlan 200 

Shared key = admin@123

 

Radius configuraiton on controller 

 

(MC7210) (config) #aaa authentication‐server radius nps
(MC7210) (RADIUS Server "nps") #host 172.16.0.151
(MC7210) (RADIUS Server "nps") #enable
(MC7210) (RADIUS Server "nps") #key admin@123
(MC7210) (RADIUS Server "nps") #       Nil
(MC7210) (RADIUS Server "nps") #       Nil

 

Added this nps server into the server group. I am able to ping NPS ip 172.16.0.151 from controllers CLI/GUI and from any part of the network.

 

Please correct me If I am wrong and let me know how to resolve """AAA server timeout issue"""

Guru Elite

Re: AAA Server Timeout Response.

You should look at the eventviewer on the NPS server to see what ip address it thinks the authentication requests are coming from.

 

The requests never come from the ip address of the VRRP..



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Regular Contributor I

Re: AAA Server Timeout Response.

Dear Cjoseph 

 

I will update you tomorrow. And lets suppose if the ip address in the event viewer is x.x.x.x then do I need to set this ip as Radius client ? and any further configuration required ?

 

I will be gratefull to you for your assistance in this matter.

Guru Elite

Re: AAA Server Timeout Response.

The answer is yes.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Regular Contributor I

Re: AAA Server Timeout Response.

Dear Cjoseph,

 

An event viewer showing that request is coming from Master controller ip 172.17.48.161. So according to you request would never come from virtual ip so I added two radius clients 172.17.48.161 & 172.17.48.162  in the NPS server.

 

You are a great man. Thumps up 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: