Hi,
Let me first state what works:
I have a Powerconnect W-620 controller running arubaOS 5.0.4.3.
I have 2 ssid's, one is for employees, the other for visitor access. The visitor ssid has an own vlan that is truncted to an ASA, so it has internet access but no internal access. Both work fine as designed, with WPA-PSK2.
Now for my problem :
Yesterday I decided to implement Radius (using a W2K3 server) for both ssids.
I got it to work successfully for the employee ssid, but fail on the visitor ssid. You'd think the vlan is the culprit but no.
The controller refuses to apply my visitor AAA profile to the visitor vap, complaining about the 802.1X authentication server Group not being defined in the default/defaultdot1x AAA section.
But when I go there and define the missing servergroup, another error pops up : Role 'authenticated' is user defined and can't be applied without NG Policy Enforcement firewall. The weird thing is I didn't get that error when I setup the first SSID. I really don't need a firewall on the W-620, as I have my ASA handle all that.
Then I contacted DELL Benelux for a quote .. they don't have a clue what I'm talking about. It turns out I'm the only Aruba customer they have in the Benelux, and support is non existent. When I purchase an AP, antennas are forgotten, eventually you get those and hook up the AP only to realize you need a licence, that Dell obviously didn't quote, aruba powercubes are non unobtainable, I've burned so much time on this platform... end of rant - but I'd really like to know :
1. do I just need to update the firmware for this to go away ?
2. how can I order an NGPE firewall ?
3. how much does this thing cost ? Yes, an estimate is fine.
kind regards
Ward