Wireless Access

Reply
Contributor II

radius out-of-service message

We have a customer with laptops running 802.1x to NPS via a 3600 controller.

They cant get on to the system and when i run the show auth-trace-buf command i am getting a radius server "out-of-service"

message as though the NPS box has been placed into a "dead server" list.

I know the NPS box is working.

Pete

 

Guru Elite

Re: radius out-of-service message

What verson of ArubaOS?  How many radius servers are in the server group?  Are there any messages on the NPS server?

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Guru Elite

Re: radius out-of-service message

Are there any other devices using this NPS server? Are those working correctly?

Can you run a AAA test from the diagnostics page and see if you get an accept, reject or timeout?

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor II

Re: radius out-of-service message

 

We have tested the NPS box from another NAS and is working ok.

The message we are getting is a server timeout message.

Any ideas?

 

Contributor II

Re: radius out-of-service message

 

hello

no message on the NPS box but we know it's working ok.

 

Guru Elite

Re: radius out-of-service message

Try forcing it in service with the aaa inservice command

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480

Re: radius out-of-service message

Can you Ping the server ?

What ports did you define for authentication ?

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Contributor II

Re: radius out-of-service message

is there is any firewall between the controller and RADIUS server !
Islam Zidan │ Professional Services Engineer | ACCP,ACMP,CWDP,CWNA,CCNP,MCITP,Competia A+
If you Found My Post Helping you kindly Give KUDOS and if it solved your question Kindly hit Accept as a solution box.
Contributor II

Re: radius out-of-service message

Big Thank you to everyone who replied.

We found the issue in the end.

What had happened there was an RF rogue client who had statically configured the IP address of the NPS box!!!

All radius requests were going to this client.

As a result the lack of response meant the controller was put into a "dead server" group.

When we tracked down the client all was well.

Chap called Manish from Aruba TAC was excellent in helping out.

CHEERS

Pete

 

 

 

Contributor II

Re: radius out-of-service message

quick question as a result of what happened.

Is there a way of enforcing DHCP on an SSID so that nobody with a static IP address can get in?

cheers

Pete

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: