Wireless Access

last person joined: an hour ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

Unable to connect to WPA2 Enterprise SSID

  • 1.  Unable to connect to WPA2 Enterprise SSID

    Posted Oct 31, 2013 06:16 AM

    We had a power outage post which a user is unable to connect to the WPA2 Enterprise SSID, where he is able to connect to WPA2-PSK SSID. I have already done the following troubleshooting

     

    recreated the WPA2-Enterprise profile

    restarted the WLAN Autoconfig service

    reinstalled the wireless driver

     

    When i performed AAA server diagnostic using the user's ID, the authentication was successfull.

     

    Why isnt the user not able to connect only to the WPA2-Enterprise ID. The user is using a Win 7 OS.

     

    Another incident of similar type is wherein I m unable to create the WPA2 Enterprise profile itself in a user's laptop, but the same user is able to connect to the WPA-PSK SSID.

     

    Need Help !

    Thanks



  • 2.  RE: Unable to connect to WPA2 Enterprise SSID

    Posted Oct 31, 2013 07:21 AM

    WPA2 Enterprise relies on the use of RADIUS for user authentication.  If the clients can connect to WPA2-PSK networks, but not WPA2-Enterprise; I would first check the RADIUS server to make sure it has the proper policies setup.   What is the RADIUS solution?   Can you share any logs at the time of failure?



  • 3.  RE: Unable to connect to WPA2 Enterprise SSID

    Posted Oct 31, 2013 07:37 AM

    Can you check the show IP radius source-interface ?

    And also do a show profile-errors


  • 4.  RE: Unable to connect to WPA2 Enterprise SSID

    Posted Oct 31, 2013 11:50 PM
      |   view attached

    RADIUS Authentication is working fine because authentication is successful when i do AAA test server diagnostic on the radius server.

     

    Output of show IP radius source-interface and show profile errors

     



  • 5.  RE: Unable to connect to WPA2 Enterprise SSID

    Posted Nov 01, 2013 02:10 AM

    Sometimes the AAA test is not the exact same authentication that is done at the radius server.

     

    Try to connect the client and collect the message from the logs on the radius server when the client tries to connect.

     

    Also on the controller, please supply the output of "show auth-tracebuf mac <mac address of client>"

     

    Is this failing for ALL users, or just that specific user.  Also, if you cannot create a WPA2 profile on the client, it is a client issue and that needs to be solved on the client side.



  • 6.  RE: Unable to connect to WPA2 Enterprise SSID

    Posted Nov 01, 2013 04:21 AM

    only one user is facing this issue. Anything in the event logs that can help me ?



  • 7.  RE: Unable to connect to WPA2 Enterprise SSID

    Posted Nov 01, 2013 08:06 AM

    The output of the radius server is essential.  If the user is failing authentication, we need to see what the radius server logs are saying.  There are many reasons why the user could be failing and the radius server will give us a piece of that puzzle.