Wireless Access

Reply
Contributor I

LDAP users authentication error with Aruba Controller

Hello,

 

We did integration with Controller 7210 with OS 6.5.1.6 with LDAP and it is successfully done.

 

When authenticating with Android, Phone it works well.
When authenticating from Windows 7, Windows 8, Windows 8 it cannot authenticate and there is an error.

 

I know it was an issue that users were facing previously. Isn't this issue solved yet?

Thank you

Guru Elite

Re: LDAP users authentication error with Aruba Controller

Is this captive portal or 802.1x authentication?



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: LDAP users authentication error with Aruba Controller

Hi Colin,

 

It is 802.1x authentication.

 

Thank you,

Guru Elite

Re: LDAP users authentication error with Aruba Controller

Did you install your own certificate or you are using the controller's built-in certificate?

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: LDAP users authentication error with Aruba Controller

I am using the controller's built-in certificate.

 

Thank you

Guru Elite

Re: LDAP users authentication error with Aruba Controller

It could be expired.  When you go to log into the controller admin interface, you should look at the SSL bar to see what is the date on the certificate..



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: LDAP users authentication error with Aruba Controller

Hello Colin,

 

The certificate is valid till 2047.

 

Thank you,

Guru Elite

Re: LDAP users authentication error with Aruba Controller

Mobile clients and even MacOSX typically will connect to a 802.1x SSID without having the CA that issued the certificate in their trusted store.  Windows is more strict.  

 

To be honest, the built in 802.1x certificate in the controller was not meant for production use.  It was meant to only be used in the lab and should be replace with a certificate that you create and install yourself.  It is a security issue for your clients if they are authenticating to a server certificate that you do not have control over.

 

 In addition, EAP-Termination is typically only used in situations when you don't have a radius server.  Is the LDAP server you are connecting to a Windows Server?  If yes, you should install the NPS service on that server and configure it as a radius server.  EAP-Termination may be convenient in the beginning, but installing a Windows Server for 802.1x authentication offers much more flexibility and less troubleshooting.  If you indeed have a Windows Server, see if you can follow the instructions here:  http://community.arubanetworks.com/t5/ArubaOS-and-Controllers/Step-by-Step-How-to-Configure-Microsoft-NPS-2008-Radius-Server/m-p/14392/highlight/true#M6113

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: LDAP users authentication error with Aruba Controller

Hi Colin,

 

Thank you for your update.

I will inform our customer that going with LDAP authentication will be inconvenient and it will not work properly. I will check with the IT administrator if they can enable NPS on their Windows server.

 

Thank you.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: