09-05-2012 10:52 AM
I am working on integrating a 2-factor authentication solution to work with AMP. In our setup AMP is configured to send authentication requests (user login) to a RADIUS server which then proxies to 2-factor server. On the AMP login page a user enters their username and for the password they enter a randomly generated password and pin from a token. The process of proxying to the external server seems to be working as the external 2-factor server and local RADIUS server all indicate a "access granted" but AMP indicates "login failure." Anyone ever run into this issue before or have any ideas how to resolve this issue.
Solved! Go to Solution.
09-05-2012 11:15 AM
If you are doing this over radius, you must also return the aruba-admin-role attribute, otherwise it will fail. See the document here: http://na2.salesforce.com/servlet/servlet.FileDownloadPkb?file=00P40000007WQi6&orgId=00D3000000008G4&pPid=50140000000apnL on how to setup the vendor specific attribute required for Airwave Authentication.
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
09-07-2012 05:53 AM
Thanks, that is what the problem was. I had the local RADIUS server set to return the aruba-admin-role attribute but the externel RADIUS server that was proxied for the actual authentication was not.