Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Radius Aruba 7005

This thread has been viewed 4 times

  • 1.  Radius Aruba 7005

    Posted Jun 24, 2017 11:17 PM

    Hi, I'm having trouble communicating a NPS radius with a Aruba controller model 7005. I read many ArubaOS_6.4 pages,
    I followed the step by step from Configuring to RADIUS Server written in ArubaOS_6.4, but I still do not have the solution.



  • 2.  RE: Radius Aruba 7005

    EMPLOYEE
    Posted Jun 24, 2017 11:57 PM

    What is not happening?  Did you do the AAA test from the diagnosics tab?

    Any log messages o the NPS server?

    Please be specific..



  • 3.  RE: Radius Aruba 7005

    Posted Jun 25, 2017 02:45 PM

    Hi, Tranks for your answer.It's a first time I use a Aruba controller. 

     

    Aruba Controller displays the message below

     

     

    Jun 25 15:26:09 authmgr[3579]: <522275> <ERRS> |authmgr| User Authentication failed. username=host/SOLUS-4BT8Y02.solustecnologia.local userip=0.0.0.0 usermac=ac:7b:a1:c9:fd:c4 servername=SRV-RADIUS serverip=192.168.10.122 apname=IAP_215 bssid=b4:5d:50:b1:98:c0
    Jun 25 15:26:09 authmgr[3579]: <132207> <ERRS> |authmgr| RADIUS reject for station host/SOLUS-4BT8Y02.solustecnologia.local ac:7b:a1:c9:fd:c4 from server SRV-RADIUS.
    Jun 25 15:26:09 authmgr[3579]: <132053> <ERRS> |authmgr| Dropping the radius packet for Station ac:7b:a1:c9:fd:c4 b4:5d:50:b1:98:c0 doing 802.1x
    Jun 25 15:26:19 authmgr[3579]: <522275> <ERRS> |authmgr| User Authentication failed. username=ruy.neto userip=0.0.0.0 usermac=ac:7b:a1:c9:fd:c4 servername=SRV-RADIUS serverip=192.168.10.122 apname=IAP_215 bssid=b4:5d:50:b1:98:c0
    Jun 25 15:26:19 authmgr[3579]: <132207> <ERRS> |authmgr| RADIUS reject for station ruy.neto ac:7b:a1:c9:fd:c4 from server SRV-RADIUS.
    Jun 25 15:26:19 authmgr[3579]: <132053> <ERRS> |authmgr| Dropping the radius packet for Station ac:7b:a1:c9:fd:c4 b4:5d:50:b1:98:c0 doing 802.1x



  • 4.  RE: Radius Aruba 7005
    Best Answer

    EMPLOYEE
    Posted Jun 25, 2017 02:59 PM

    You need to look in the radius server logs (event viewer) and see why the NPS server is rejecting.  You are probably not allowing authentication to the group Domain Computers, is probably why the NPS server is rejecting the auth.  This has to be configured on the NPS server and has nothing to do with the Aruba Controller.



  • 5.  RE: Radius Aruba 7005

    Posted Jun 25, 2017 04:23 PM

    I have a parallel infrastructure that uses NPS and IAP 215 I had no problems authenticating users. 

     

    I performed a test  AAA test Server  Displayed message : Authentication Successful

     Accessing the event view it displays the id 6273 code 22.



  • 6.  RE: Radius Aruba 7005

    EMPLOYEE
    Posted Jun 25, 2017 06:25 PM

    You are talking in general.  The message you pasted says that the NPS server rejected the AAA request.  You need to look at those messages to see why it is happening.  If it works in one infrastructure but not in another, you need to look at logs on all three devices to see why it is happening.  You have to start with the NPS logs.



  • 7.  RE: Radius Aruba 7005

    Posted Jun 25, 2017 09:31 PM

    Thanks for the help, the error is in the NPS. It helped me a lot. I hope this question helps other people.