Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Authentication issues when the APS fail over to the backup LMS ip

This thread has been viewed 0 times

  • 1.  Authentication issues when the APS fail over to the backup LMS ip

    Posted Apr 20, 2016 08:31 PM

    Hello

    We got a deployment in which we have multiple local controllers aon  many remote sites and one pair of 7210  with VRRP on the central site.

     

    When the APS terminate their tunnel on the local controller we can authenticate no issue

    Whent he APS fail over to the Master controller(we are simulating that the local controller is failing) the users cannot authenticate anymore.

     

    -The APS are using LACP Stripping(its configured on the local controller and also i configured it on the mater controller)  i can see the s of Stripping mode on the local controller but i cannot see it on the master controller when they fail over to it(dont know if thats okay)

    -I tried creating a WPA2 Preshared key and i cannot even authenticate to it( the password im using is easy "12345678" for testing purpuse i even copy and pasted it and it saying my password its incorrect but i know its correct...

    So i dont know whats wrong.

     

    I did the AAA test on all the controllers, and in every controller works fine... it says authentication is succesful, so its not the raidus server.

    On the radius server when im trying to authenticate users of the APS which are terminating on the master controller when they fail over  when i try to authenticate i cannot see any event on the event viewer ont he radius server like if there wasnt any request  getting to him.

    Ï do see the request coming to the radius server when i try to authenticate with the aaa test of the controllers... 

     

    Any ideas???

     

     

    Cheers

    Carlos



  • 2.  RE: Authentication issues when the APS fail over to the backup LMS ip

    EMPLOYEE
    Posted Apr 20, 2016 11:04 PM

    Look at the security or error log on that controller to see what is going on...

     

    show log security 50

    show log error 50

     



  • 3.  RE: Authentication issues when the APS fail over to the backup LMS ip

    Posted Apr 20, 2016 11:14 PM

    I cheked all that and nothing relevant shows up... its just soo odd...

     

    Cheers

    Carlos



  • 4.  RE: Authentication issues when the APS fail over to the backup LMS ip

    Posted Apr 22, 2016 12:02 PM
    hello Collin i was able to fix it. it seems that you need to build another vrrp instance for the for the lacp stripping ip. now i did it im able to connect. i got a question for you. i see that in the master controller i see all the aps up i can connect in 2.4ghz band and 5ghz band as well. everything seems to be working fine. what i notice is that the stripping flag is not there and i should be able to ser it. on the local controller i se on the flags 2s but whn it fails over to the mster i just see s... and i should see 2s i guess. is that normal? or it should appear 2s ????


    #AirheadsMobile