Wireless Access

 View Only
  • 1.  Aruba VC AP FortiNAC Can't Show Ports and SSIDs

    Posted 29 days ago

    Hey,

     

    We have 4 locations that we use Aruba APs and works well. Now we have 1 more location and have 4 AP's in the location. AP02 is the VC that assigned by Aruba Central and we cloned the working location's configs in this location. After that, we created VIP .20 and added to the FortiNAC. Credentials are working but in this location we can't see the ports or SSIDs. How can we solve that? Thanks in advance.

     

    This is the new location;

    Working location;


  • 2.  RE: Aruba VC AP FortiNAC Can't Show Ports and SSIDs

    Posted 29 days ago

    I didn´t catch it. What is that for a view?

    You said that you are managing the APs by Aruba Central. Can you give the status of the APs in Central?

    Are Wi-Fi SSIDs in the air?

    Are Clients able to connect to an SSID?

    "After that, we created VIP .20 and added to the FortiNAC." - so you gave the VC the statis IP Address 10.8.13.20 and add this to the FortiNAC as NAD Address, so that Radius Authentication is allowed - is that what you are saying?




  • 3.  RE: Aruba VC AP FortiNAC Can't Show Ports and SSIDs

    Posted 29 days ago

    Client's are not able to connect to an SSID but they can see them. The only difference is what I post in the topic and clients are not able to connect.




  • 4.  RE: Aruba VC AP FortiNAC Can't Show Ports and SSIDs

    Posted 29 days ago

    So do you get more information from Aruba Central, why Clients are not able to connect?

    On the AP the following outputs would be from interest:

    https://www.arubanetworks.com/techdocs/CLI-Bank/Content/instant/sh-ap-debug-auth.htm
    https://www.arubanetworks.com/techdocs/CLI-Bank/Content/instant/sh-radius-stat.htm

    let´s start with this commands first.




  • 5.  RE: Aruba VC AP FortiNAC Can't Show Ports and SSIDs

    Posted 27 days ago

    Very confusing question. Just a wild gues on assumption that you are running aos8. Did you enable radius proxy on vc?

    Best, Gorazd



    ------------------------------
    Gorazd Kikelj
    MVP Guru 2024
    ------------------------------



  • 6.  RE: Aruba VC AP FortiNAC Can't Show Ports and SSIDs

    Posted 27 days ago

    I'm, still confused. I see two possible issues:

    • You can't see ports in your NAC platform; which from what I see, may require SNMP to query the APs, and that may not be setup correctly on the platform or on the AP side. But I have never seen that platform, so it's just guessing what and how it would work. You may check with fortinet support what is required and check if it has been setup correctly.
    • Clients can't connect; which may be an authentication issue, and if that same NAC platform performs the authentication, it may need to be setup to accept this new location (RADIUS clients and shared secrets, or RadSec). But you have not shared what authentication is used/configured, so also here, just guessing. Can clients connect to a plain open or PSK (without MAC authentication) network?

    Can you please explain which of the above is your problem? In either case, you may need someone knowing your NAC platform. The AP side setup is dictated by that.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------