Wireless Access

Reply
Highlighted

Radius time out connxtion issue

Hi , I had a problem with a 3400 controller , the OS istalled is 5.0 and configured with a 802.1x witch works well with radius server on 2008R2.
When I upgraded the controller to version 6.4.0. the 802.1x doesen't work , the first thing I done is to test the radius server from the controller , (on diagnostic , AAA server section)
the message I got is "connexion time out" , when I rebooted the controller on the partition with AOS 5 all works fine.
Is there someone who had the same issue , what can be the reason of this.
Thanks a lot.

Re: Radius time out connxtion issue

Do you have termination enabled ?

Get Outlook for iOS
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA

Re: Radius time out connxtion issue

Hi Victor , yes termination is enabled.

It is the same configuration on the AOS 5 and works fine.

 

Re: Radius time out connxtion issue

It is best practice to do the termination on the RADIUS server and not on the controller .

You should either purchase/install a third party cert or use your internal PKI to generate/install one on your RADIUS server.

Of course if you do this all your wireless will need to access the new certificate.
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA

Re: Radius time out connxtion issue

Thank you Victor for your reply , I must diagnose deeply at my client
but I dont unterstand why all is fine with the old AOS,
Is there somme parameters added on the new AOS wich must be configured for the radius server or server group ?

Thank you.

Re: Radius time out connxtion issue

Please take a look at this article
https://community.arubanetworks.com/t5/Controller-Based-WLANs/ArubaOS-Default-Certificate-Revocation-FAQ-Controllers/ta-p/275809


Get Outlook for iOS
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA

Re: Radius time out connxtion issue

Hi Victor , thak you for the link , you mean that the upgrade causes a certificate revocation and we must recreate a new certificate ?
An other information that I missed , the controller is a master and tne backup is down , is there any impact if ther is only the master in production.
Other thing , the client connect to the ssid without certificate (certificate was created on the 2008 server).
Thanks for your help.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: