Wireless Access

Reply
Regular Contributor I
Posts: 279
Registered: ‎02-11-2013

Controller totally blocked

Hello,

 

I have tried to upgrade my Aruba 3200 controller to a new version and now it is completely blocked. I can't access it by IP, the only way is by the serial port.

 

When I want to login, my password isn't valid any more (I am sure of it). Support gave me a procedure to reset it and erase the configuration of the controller.

 

But when I try the procedure, I can't change the password. Every time I get the message "Error : Non-Compliant to Mgmt Password Policy Internal error occurred, Password validation failed". I am sure that no policy was configured and I can enter every possible password and still the same error.

 

Any idea to solve this ? No problem to get back "out of the bock", the controller is in the lab.

 

Thanks

 

Dimitri

MVP
Posts: 1,409
Registered: ‎05-28-2008

Re: Controller totally blocked

[ Edited ]

Hi

Here you go:

Here is an example how to reset admin/enable password: *VIA CLI CONSOLE- SERIAL PORT - ONLY*

 





User: password
Password: forgetme!
(aruba) >enable
Password: enable
(aruba) #configure terminal
Enter Configuration commands, one per line. End with CNTL/Z
(aruba) (config) #mgmt-user admin root
Password:
Re-Type password:
(aruba) (config) #exit
(aruba) #exit
(aruba) >exit

User: admin
Password:
(aruba) >enable
Password: enable
(aruba) #configure terminal
Enter Configuration commands, one per line. End with CNTL/Z
(aruba) (config) #enable secret
Password:
Re-Type password:
(aruba) (config) #write memory

 

It will give u the ability to reset password via serial port.

 

have a nice day.

 

*after you will reset you pass/user - you will be able to run show interfaces... or change/delete the config.

 

me

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
Regular Contributor I
Posts: 279
Registered: ‎02-11-2013

Re: Controller totally blocked

Hi,

 

Thanks but my problem is at this point :

 

(aruba) (config) #mgmt-user admin root
Password:
Re-Type password:

 

I can't change the password. Here is the error message I have : Error : Non-Compliant to Mgmt Password Policy Internal error occurred, Password validation failed.

 

The point is that I haven't configure any password policy.

 

Dimitri

MVP
Posts: 1,409
Registered: ‎05-28-2008

Re: Controller totally blocked

Try do do a longerpassword - for the test try:
Aruba4ever
*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
Regular Contributor I
Posts: 279
Registered: ‎02-11-2013

Re: Controller totally blocked

Tried, same issue even with a much more longer password.

 

Dimitri

MVP
Posts: 1,409
Registered: ‎05-28-2008

Re: Controller totally blocked

Very Very wired - did u contact Aruba TAC regarding this issue?

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
Regular Contributor I
Posts: 279
Registered: ‎02-11-2013

Re: Controller totally blocked

Yes, at this time, they gave me the same procedure as you. Waiting for news...

 

Dimitri

MVP
Posts: 1,409
Registered: ‎05-28-2008

Re: Controller totally blocked

[ Edited ]

Dont wait for news.

start to try all the options: (u dont have nothing to lose)  *say thanks to jfernyc*

 

You need a password that is compliant with the management password
policy as configured on the controller.

There are several parameters that can be set (and clearly are in your
case/controller), per below:

Enable password policy
Set minimum password length (6-32 characters)
Set/config minimum upper case characters required for passwd (0-10)
Set/config minimum lower case characters required for passwd (0-10)
Set/config minimum special case characters required for passwd (0-10)
Set/config the number of numerical digits required for passwd (0-10)
Set/config the # of times a single character can be repeated in a passwd
(0-10)
Deny the use of a known username, or the reverse of a username in a
passwd

If you can find out which of these are set you can then select a
compliant password.

 

 

BTW:

are u using FIPS or upgraded to FIPS? if so --> the following post - will solve your issue:

http://community.arubanetworks.com/t5/ArubaOS-and-Mobility-Controllers/locked-out-after-FIPS-upgrade/td-p/35541

 

Have a lovley day.

 

me

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
Regular Contributor I
Posts: 279
Registered: ‎02-11-2013

Re: Controller totally blocked

Thanks I will follow the post and try to solve this issue.

 

Dimitri

MVP
Posts: 1,409
Registered: ‎05-28-2008

Re: Controller totally blocked

tell me if it worked for u :smileywink:

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
Search Airheads
Showing results for 
Search instead for 
Did you mean: