Remote Networking

Frequent Contributor I

User Role suddenly becomes denyall

Hi All,

We were doing some testing on RAP-2.
I connected my laptop to this 802.1x SSID on AP61, then connected my laptop to other SSID RAP-5.
My client user role changed from "customized role" to a 'Denyall" role.
And this "denyall" role was stuck on my client, even after I disconnected to the SSID.
This "denyall" role could not be disconnect on the Aruba WebUI (monitoring > Clients).

Anyone had this experience before?

After a few hours, another user connected via 802.1x and got this "" authentication error on the IAS, and user authentication failed on Aruba controller.

Solution for "denyall" client:
We withdrawn the "denyall" client by applying blacklisting, and took the client out from blasklisting after that.

Aruba Employee
Aruba Employee

Re: User Role suddenly becomes denyall

Can you give us more info about the setup of the VAPs on the AP and RAP? You said it was a different SSID, I assume that means your configuration is different as well, which may be part of the issue. You can also clear the client back to the logon role through monitoring > clients, select the client and choose disconnect.

Andy Logan, ACDX
Director, Strategic Account Solutions
Aruba Networks
Aruba Employee

Re: User Role suddenly becomes denyall

Michael - I've seen the incorrect role being listed with bridge-mode SSIDs on RAPs. In my case, the user did have the correct role, but the controller showed the incorrect one.
Search Airheads
Showing results for 
Search instead for 
Did you mean: