Wireless Access

Reply
Contributor I
Posts: 38
Registered: ‎12-13-2011

Users unable to authenticate using RADIUS server?

Hi

 

We have a partner that uses our WiFi, they have X2 SSID's setup for X2 seperate RADIUS servers using 802.1X.

They have made a change which stopped users authenticated to either RADIUS server? They rolled back the change and can acces one server using one SSID but not the other?

 

Logs say - Dropping the radius server packet

                 Authentication Server Out of Service

                 Request timeout

I can ping both RADIUS servers from the controller, they say they cant see any logs on one the servers from the controller?

Contributor I
Posts: 38
Registered: ‎12-13-2011

Re: Users unable to authenticate using RADIUS server?

I beleive they added a request forwarder from one RADIUS server to the other older leagcy NPS. 

They say they have rolled back this as it caused a problem, however one of the SSID's are no longer sending RADIUS request?

 

I have no visability of their server or network!

Guru Elite
Posts: 21,491
Registered: ‎03-29-2007

Re: Users unable to authenticate using RADIUS server?

They need to look at the Radius Server and see if  it is getting radius requests from an unknown radius client.  They would have to correct the radius client address on the radius server...



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I
Posts: 38
Registered: ‎12-13-2011

Re: Users unable to authenticate using RADIUS server?

Hi

 

They say they are not receiving any RADIUS requests, they can only see when I ping?

 

How can I test traffic is reaching them?

Guru Elite
Posts: 21,491
Registered: ‎03-29-2007

Re: Users unable to authenticate using RADIUS server?

You could install wireshark on the radius server and do a packet capture to see if any radius traffic is being received.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I
Posts: 38
Registered: ‎12-13-2011

Re: Users unable to authenticate using RADIUS server?

Hi

 

They won't do that as they say they cant see traffic on their firewall which is connected to our controller?

Contributor I
Posts: 38
Registered: ‎12-13-2011

Re: Users unable to authenticate using RADIUS server?

Debug logs show authentication timeout messages, RADIUS Server is up, back in service and down for 10 mins?

Guru Elite
Posts: 21,491
Registered: ‎03-29-2007

Re: Users unable to authenticate using RADIUS server?

They should reenter the radius server key on both ends to make sure it is working.  Without having access to their system it is difficult to troubleshoot, because it could be anything?  Is there a firewall between the radius server and the controller?



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I
Posts: 38
Registered: ‎12-13-2011

Re: Users unable to authenticate using RADIUS server?

Yes they have a firewall connected to our controller, so they say they cant see any traffic going to their RADIUS server?

 

I can only see failed messages on the controller!

Yes it is very difficult to troubleshoot, the problem only occured when tehy mad a change to add a forwarder now roled back only working on one SSID and RADIUS?

Guru Elite
Posts: 21,491
Registered: ‎03-29-2007

Re: Users unable to authenticate using RADIUS server?

Did they change anything on the controller?  Type "show audit-trail" to see what was changed...

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: