I try to setup a VIA tunnel based on ikev2 using EAP-TLS. My setup has the following components:
- Aruba 620 controller with 6.1.2.8
- VIA client software on W7 2.0.1.0.30205
- RADIUS server on W2008r2 server (NPS)
- Certificate server on W2008r2 server
I get the popup for selecting my user cert and authentication in the NPS log is succesful, but when the VIA client tries to setup the secure tunnel the following message appears in the logfile "anrac.txt" which is under C:\ProgramData\Aruba Networks\VIA. The
IKE_fragCheckFragmentIKE Payload Length is 132IKE Fragment Length is 868
Mar 16 16:43:51.420 360 INFO anikeimpl 534 IKE PAcket Received
Mar 16 16:43:51.420 360 INFO ancert_mgmt 113 Issuer Attribute type 38
Mar 16 16:43:51.420 360 INFO ancert_mgmt 113 Issuer Attribute type 38
Mar 16 16:43:51.420 360 INFO ancert_mgmt 113 Issuer Attribute type 3
Mar 16 16:43:51.420 360 INFO ancert_mgmt 178 Issuer Attribute TEST ROOT CA
Mar 16 16:43:51.420 360 ERROR ancert_mgmt 1357 Cert is not found. reason -2146885628
Mar 16 16:43:51.420 360 INFO ancert_mgmt 324 The size of the chain context is 56.
Mar 16 16:43:51.420 360 INFO ancert_mgmt 325 1 simple chains found.
Mar 16 16:43:51.420 360 INFO ancert_mgmt 326 Error Status code is 0
Mar 16 16:43:51.420 360 INFO ancert_mgmt 1376 Signature algo: akt_rsa
Mar 16 16:43:51.420 360 INFO anike_mocana_cbh 444 IKE_XChngSend Done
Mar 16 16:43:51.420 360 DEBUG anikeimpl 498
I have installed the certificate for TEST ROOT CA installed in the certificate store of my local PC as well as on the Aruba controller.
Is anyone known to this issue?
Thanks in advance!
Peter
#AP-300#AP325