Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

Wrong passwords between MC and MM / MM and MM

  • 1.  Wrong passwords between MC and MM / MM and MM

    Posted Jun 30, 2020 04:35 AM

    how can i troubleshoot this issue and find the root cause

     

    Wrong passwords between MC and MM

     

    OR MM and MM



  • 2.  RE: Wrong passwords between MC and MM / MM and MM

    Posted Jun 30, 2020 06:00 AM

    In your Mobility Master (MM) there will be a line(s) in the configuration for each of the Mobility Controllers (MCs):

    !
    localip <controller-ip> ipsec ******

     To find it easier and to de-encrypt the ipsec PSK try this:

    cd /mm
    encrypt disable
    show configuration effective | include localip

    Try setting this PSK to what you configured during the full-setup phase of the controller. 

     

    For the MM redundancy (MM to MM)  the ipsec key is configured under 'master-redundancy'. Look for the following:

    peer-ip-address <MM-peer> ipsec <ipsec-key>

    This needs to be the same at both MMs.

    Remember to 'encrypt enable' when you're done. 



  • 3.  RE: Wrong passwords between MC and MM / MM and MM

    Posted Jun 30, 2020 08:05 AM

    how can i check the error by the debug ???



  • 4.  RE: Wrong passwords between MC and MM / MM and MM

    Posted Jul 01, 2020 02:28 AM

    As it's IPsec auth failure you would be looking for IKE failure in the ipsec related debug logs. One of these will do the trick:

     

    logging security process crypto level debugging
    logging security subcat ike level debugging
    logging security process authmgr level debugging

     

     

    Maybe something like this: <6280> <DBUG> |ike| 10.10.10.99:500-> I <-- Notify: AUTHENTICATION_FAILED (IKE)

    Remember to turn off debug level logging after you're finished.