Wireless Access

Reply

Why client authentication failed when fail over from master to local controller?

Hi, we have 2 controllers which are configured as master and local, and use clearpass to do client authentication. LMS IP /backup lms IP are already set in AP system profile. Master and local controllers are all added to Clearpass as network devices. Now when AP connected to master controller, the authentication successful, but when connect to local controller, all client cannot be authenticated, and no incoming authentication request is received on ClearPass. Please advise the possible cause. Thanks.

Guru Elite

Re: Why client authentication failed when fail over from master to local controller?

#1 reason:. You don't have the second controller configured as a radius client in clear pass...


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Re: Why client authentication failed when fail over from master to local controller?

Thanks for reply.

 

Yeah, we considered this possible cause.  We have added the second controller on Clearpass under "configuration/network device" as the first controller. Anything is needed to be configured for second controller on clearpass?  

Guru Elite

Re: Why client authentication failed when fail over from master to local controller?

You should look in the event viewer in clear pass to get a clue why it is happening.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Re: Why client authentication failed when fail over from master to local controller?

The procedure to add second controller IP on Clearpass is just need to add the controller under "Configuration/Network device" , right? Now there is nothing in Clearpass "Access Tracer". Later We will check the event view. Thanks a lot

Guru Elite

Re: Why client authentication failed when fail over from master to local controller?

The event viewer will tell you if it is dropping a radius request because the traffic is coming from the wrong IP address. Access tracker will not tell you anything


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Aruba Employee

Re: Why client authentication failed when fail over from master to local controller?

Hi,

What information you see in controller from system and errorlogs?

How about show auth trace output?
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: