Thanks for the suggestions, I will not be able to run those commands till next weekend when I am on site and can put my test machine onto the new network.
Original Message:
Sent: Jul 11, 2024 04:49 AM
From: cjoseph
Subject: User role not changing to authenticated after authed by NPS
show user-table will show you what AAA profile (the profile column) your WLAN is using.
I would advise that you change the default dot1x role to "authenticated" in that profile for testing. You should also do "AAA user delete IP <IP address of user>" while testing to delete that user from the user table.
------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
Original Message:
Sent: Jul 11, 2024 04:39 AM
From: PSPSICT
Subject: User role not changing to authenticated after authed by NPS
default-dot1x the Mac and 802.1X are both set to guest however we do not use that one as we have one for our staff and that one the default roles for 802.1 and Mac auth are set to authenticated.
Then under AAA for our staff profile the 802.1X Auth profile is the one we have created in L2 Auth
Thanks
Original Message:
Sent: Jul 11, 2024 04:01 AM
From: cjoseph
Subject: User role not changing to authenticated after authed by NPS
Is the default dot1x role authenticated in the AAA profile?
------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
Original Message:
Sent: Jul 11, 2024 03:55 AM
From: PSPSICT
Subject: User role not changing to authenticated after authed by NPS
Hi,
Thanks for your reply.
We have licences assigned to the new controller for AP, PEF, RF Protect and all three are enabled.
Thanks
Original Message:
Sent: Jul 09, 2024 04:33 PM
From: cjoseph
Subject: User role not changing to authenticated after authed by NPS
Do you have the PEFNG (Policy Enforcement License) installed? If not, there is no concept of role differentiation.
------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
Original Message:
Sent: Jul 09, 2024 08:16 AM
From: PSPSICT
Subject: User role not changing to authenticated after authed by NPS
I am in the process of deploying a new controller 7205 running ArubaOS 8.11.2.2 SSR I have some test APs working and users can connect to the SSID but not able to transmit or receive data.
We use MS NPS server to do authentication for MAC and User to determine is allowed onto our network and to put the user into the right VLAN this works fine for our wired infrastructure and currently works fine on our old controller running 6.something and our new controller at our other site.
I can see the new SSID on my laptop, I can connect to it, RADIUS grants my connection and I get an IP address, I can see my client connected in teh Arubua controller I can see the IP I have been given but my role is still showing as logon and not authenticated as it does on our other controllers.
For the life of me I can not work out what bit of config is missing to make this work.
Any help is appricated
Thanks
Dave