Wireless Access

Reply
Occasional Contributor II
Posts: 10
Registered: ‎07-25-2011

VIA and MacOS ( what am I missing?)

Running VIA on a 3600 with version 6.1.2.4.

Windows VIA clients (32 and 64 bit) both connect fine, as does the new iPad client, but I'm missing something, as Mac version isn't working.

 

Controller log shows Auth failure, but the LDAP server isn't even getting the request ( as per the LDAP server logs)

 

Dec 13 15:29:46  l2tp[541]: <105003> <ERRS> |l2tp|  PPP/VPN Authentication failed fairlie 173.161.138.94 PAP.  
Please check authentication server radius/ldap/tacacs logs.

 

I have it set to fail to the internal DB and that does work.. so what am I missing?

 

( I saw in the other thread that there was a difference bt. Mac and Windows configs on the controller, but didn't want to jack that thread)

 

 

Guru Elite
Posts: 21,271
Registered: ‎03-29-2007

Re: VIA and MacOS ( what am I missing?)

The configs on your firewall is different because the mac requires more ports inbound to your network:

 

You need:

 

UDP— 500, 1701, and 4500

TCP—1723, 443
IP protocol— 50 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 10
Registered: ‎07-25-2011

Re: VIA and MacOS ( what am I missing?)

Thanks for the quick reply.

 

Are you referring to firewall rules on the controller itself, or our WAN firewall ( because currently I have wide open access to the controller from outside on the WAN firewall ( not blocking anything)

Aruba Employee
Posts: 1
Registered: ‎05-27-2010

Re: VIA and MacOS ( what am I missing?)

Timothy,

The VIA client on Mac OS authenticates against the server configured under the 'VPN authentication profile', which is different from the Windows/iOS clients that authenticate against the server under 'VIA authentication profile'.

Therefore you would have to provision your LDAP server under VPN Authentication Profile->default->Server Group.

Hope this helps.


Regards

Charu

Occasional Contributor II
Posts: 10
Registered: ‎07-25-2011

Re: VIA and MacOS ( what am I missing?)

Yep, adding the LDAP servers in the VPN auth profile did the job.

 

Thanks guys!

Contributor I
Posts: 23
Registered: ‎04-19-2011

Re: VIA and MacOS ( what am I missing?)

i have the vpn authentication profile configured to reflect the same server group as the VIA authentication profile and I am still having issues with MAC OS devices connecting. here is the error message on the controller: <l2tp 105003>  <ERRS> |l2tp|  PPP/VPN Authentication failed (user name) 24.2.189.200 MSCHAPv2.

Search Airheads
Showing results for 
Search instead for 
Did you mean: